[Dovecot] workaround for shared maildirs
Timo Sirainen
tss at iki.fi
Sun Oct 19 12:13:46 EEST 2008
On Sun, 2008-10-19 at 10:10 +0200, Giuliano Gavazzi wrote:
> On S 18 Oct, 2008, at 22:06 , Giuliano Gavazzi wrote:
> [...]
> >
> > namespace public {
> > separator = .
> > prefix = INBOX.Public.
> > inbox = no
> > location = maildir:/SharedMaildirs/Public:CONTROL=~/Maildir/control/Public:INDEX=~/Maildir/index/Public
> > hidden = yes
> > list = yes
> > subscriptions = yes
> > }
>
>
> Tested also with dovecot-1.2.alpha2.
> As for file permission, my dovecot-shared is
>
> -rw-------+ 1 dovecot staff 0 Oct 18 14:58 dovecot-shared
If "dovecot" is also running login processes, it's preferable that it's
not used for anything else. Doesn't really matter here, but the login
processes shouldn't have access to any files anywhere outside their
chroot.
(Wonder if I could rename the dovecot user to something else.. I've
previously also thought about this. dovenone, dovelogin or dovenot
maybe.)
> Now, I have to work out how to limit delete to message owners (and the
> T flag private) so that only owners or the administrator can delete
> files.
Dovecot doesn't track message owners, so this probably isn't too easy.
If you use system users then I guess the owner is the file's owner. Then
I can see two possibilities:
a) Modify Dovecot sources to check the owner before allowing delete flag
(or expunge?)
b) chmod +t cur/ directory. But that also disallows all shared flag
changes by non-owner.
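
[Added example, not part of the original message and not Dovecot code.] Option b) above has the side effect it does because a Maildir flag stored in the filename is changed by renaming the file, and the sticky bit restricts rename exactly as it restricts unlink. The sketch below models only the sticky-bit rule: it assumes the acting uid already has write and search permission on cur/, ignores ACLs, and uses hypothetical function names and a constructed message filename and uid.

```python
import os
import stat
import tempfile

def maildir_flags(name):
    """Return the flag letters of a Maildir filename ('...:2,RS' -> 'RS')."""
    _, sep, info = name.rpartition(":2,")
    return info if sep else ""

def may_rename_or_unlink(dir_st, file_st, uid):
    """Sticky-bit rule only; assumes uid can already write to the directory."""
    if uid == 0 or not dir_st.st_mode & stat.S_ISVTX:
        return True
    # With +t set, only the file's owner or the directory's owner may proceed.
    return uid in (file_st.st_uid, dir_st.st_uid)

def audit_cur(cur_dir, uid):
    """Report, per message in cur/, what the given uid could do to it."""
    dir_st = os.stat(cur_dir)
    report = {}
    for name in sorted(os.listdir(cur_dir)):
        file_st = os.stat(os.path.join(cur_dir, name))
        allowed = may_rename_or_unlink(dir_st, file_st, uid)
        # Expunge is unlink(); setting S or T in the filename is rename().
        # Both need the same permission, so +t blocks them together.
        report[name] = {"flags": maildir_flags(name),
                        "expunge": allowed, "set_flag": allowed}
    return report

def demo():
    """Audit a constructed cur/ before and after chmod +t."""
    with tempfile.TemporaryDirectory() as root:
        cur = os.path.join(root, "cur")
        os.mkdir(cur)
        # Constructed sample message, owned by the current user.
        open(os.path.join(cur, "1224407626.M1P1.host:2,S"), "w").close()
        me = os.getuid()
        other = me + 1  # constructed uid standing in for another mail user
        before = audit_cur(cur, other)
        os.chmod(cur, os.stat(cur).st_mode | stat.S_ISVTX)  # chmod +t cur/
        after = audit_cur(cur, other)
        owner = audit_cur(cur, me)
        return before, after, owner

if __name__ == "__main__":
    for label, result in zip(("other, no +t", "other, +t", "owner, +t"), demo()):
        print(label, result)
```

The directory owner keeps the right to remove any message under +t, which matches the "owners or the administrator" requirement only if the administrator owns cur/.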