Re: [exim] tls_privatekey mode 644 / root owned -- why is it…

Author: Patrick Pfeifer
Date:  
To: exim-users
Subject: Re: [exim] tls_privatekey mode 644 / root owned -- why is it read only after privileges have been dropped ?
On 2017-08-18 20:12, Jeremy Harris wrote:
> First, you don't need to copy exim-dev as well as exim-users.
> Devs will be reading both.

Ok. Sorry about the noise.

> Exim does as little work as possible while in a privileged state, and
> drops privs to do the rest. To regain privs it execs a new Exim.

Aha. Not in my setup though. (I see only one Exim process with UID
Debian-exim and I see no way that it could re-gain privs, although
root-owned, does not have the suid bit set.)

> The cert and privatekey files used can depend on information only
> available immediately before they are needed (such as the remote IP).
> As such they are only read at that time.

Aha. Well, that feature is putting some hurdle to the implementation of
my idea somehow. How is it activated?

Actually /all/ those certificates could / would then just need to be
read into memory (or a file descriptor to them acquired) early on, i.e.
as root. I imagine that the number of keys is reasonably small for a
typical setup - but I have no clue about such setups actually (?).

Or would that already be too much of a security threat in your eyes as
well? ... Actually I would argue against it, as with the current setup
Exim has access to all key files anyway. ...
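
The pattern proposed in the message above (acquire a file descriptor to the key while still root, read it only after privileges are dropped), as an added example that is not part of the original message and is not Exim code. The temporary file, the sample key text and uid/gid 65534 are assumptions; because the descriptor is opened with O_CLOEXEC, it would not survive the exec of a new Exim that the quoted reply describes.

```c
#define _GNU_SOURCE
#include <fcntl.h>
#include <grp.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>

/* Privileged phase: open the key read-only, refusing a symlink at the path. */
int preopen_key(const char *path) {
    return open(path, O_RDONLY | O_NOFOLLOW | O_CLOEXEC);
}

/* Permanent drop: supplementary groups, then gid, then uid, then verify. */
int drop_privs(uid_t uid, gid_t gid) {
    if (geteuid() != 0) return 0;                 /* already unprivileged */
    if (setgroups(0, NULL) || setgid(gid) || setuid(uid)) return -1;
    return setuid(0) == 0 ? -1 : 0;               /* regaining root must fail */
}

/* Unprivileged phase: read the key through the already-open descriptor. */
ssize_t read_key_fd(int fd, char *buf, size_t cap) {
    size_t n = 0;
    ssize_t r = 0;
    if (lseek(fd, 0, SEEK_SET) < 0) return -1;
    while (n < cap && (r = read(fd, buf + n, cap - n)) > 0) n += (size_t)r;
    return (n < cap && r < 0) ? -1 : (ssize_t)n;
}

int main(void) {
    char path[] = "/tmp/keydemoXXXXXX", buf[128];
    const char *pem = "-----BEGIN CONSTRUCTED KEY-----\n";  /* constructed sample */
    int tmp = mkstemp(path);                                /* created mode 0600 */
    if (tmp < 0 || write(tmp, pem, strlen(pem)) < 0) return 1;
    close(tmp);
    int fd = preopen_key(path);
    unlink(path);                       /* the path is unusable from here on */
    if (fd < 0 || drop_privs(65534, 65534) != 0) return 1;  /* assumed uid/gid */
    ssize_t n = read_key_fd(fd, buf, sizeof buf);
    printf("read %zd bytes after the drop\n", n);
    close(fd);
    return n == (ssize_t)strlen(pem) ? 0 : 1;
}
```

Access is checked when the descriptor is opened, not on each read, which is why the read succeeds after the drop; it also means any code running in the unprivileged process can read the key through that descriptor.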