Autor: Jeremy Harris Data: Para: exim-users Asunto: Re: [exim] tls_privatekey mode 644 / root owned -- why is it read
only after privileges have been droppped ?
First, you don't need to copy exim-dev as well as exim-users.
Devs will be reading both.
On 17/08/17 20:59, Patrick Pfeifer via Exim-users wrote: > I have configured exim4 on Ubuntu to use a Letsencrypt certificate /
> key, which is retrieved via Certbot and stored in
> /etc/letsencrypt/archive, which is root-owned and has mode 700 by default.
>
> Thus, in order to do get Exim to function, I was forced to hard-link the
> private key in the exim4 config directory and make it owned by Exim.
>
> It could be made group readable or whatever else, but in the end the
> solution of changing file permissions is not really satisfying at all.
Exim does as little work as possible while in a privileged state, and
drops privs to do the rest. To regain privs it execs a new Exim.
This is fundemental to the security model and keeping the attack surface
small.
The cert and privatekey files used can depend on information only
available immediately before they are needed (such as the remote IP).
As such they are only read at that time.
--
Cheers,
Jeremy