Question concerning the treatment of certificate and key files...

I am in the midst of SSL-enabling a large application using OpenSSL 0.9.7g on various unix systems. I am also relatively new to OpenSSL, so I apologize in advance if the question is silly.

One component is a server that, in the SSL version, starts running as user X (not root) and does the usual SSL initialization stuff with SSL_CTX_use_certificate_chain_file, SSL_CTX_use_PrivateKey_file, etc. The user X is the only system user (aside from root) that has read access to these files. Communication using TLS proceeds for a while with various clients; all is well. The application image is setuid root and verifies at startup that it is running as user X.

A later phase can, in some circumstances, require that the server change its effective UID to that of user Y in order to be able to write into the file system in an area to which only Y has write access. Data written to the file system arrives on an SSL connection established before the UID was changed, but that data is partly read from the connection while the effective UID is that of user Y.

The question: I am concerned that SSL might have recourse to access the original key and certificate files some time during this process, for example, if a renegotiation is requested by the client. This would of course not work since user Y cannot open these files. Is this a likely possibility, or is everything that SSL requires already in memory as a result of the initial context setup?

-steve
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List
