[Dovecot] v1.2.beta1 released

Timo Sirainen tss at iki.fi
Sat Feb 21 00:12:06 EET 2009


On Thu, 2009-02-12 at 13:10 +0100, Sascha Wilde wrote:
> - cyrus imapd actually tries[1] to implement a variant of this
>   possibility in that it does not allow to remove the 'a' right from the
>   owner: 

I implemented this to Dovecot now too.

> > I think the owner ACLs are usually in global ACL files, so
> > it's probably not possible to remove or change it, only add a new
> > user=x.
> 
> I think that it would be best to always map the owners user name to
> the keyword "owner" and vice versa between the IMAP front end and the
> acl back end.  This way user=x where x is the owners user name should
> never appear in an dovecot-acl file.

I did consider this too, but then I thought that it could cause wrong
results in some special situations. For example if another user's
mailbox is symlinked to your private namespace and you change your own
rights, it really should change them and not the owner's.

> So it boils down to the question
> if the individual acl-files should take precedence over the global one
> -- without having checked I assume this decision already has been made.

IIRC in v1.1 mailbox ACL files take precedence, but in v1.2 globals take
precedence. I changed it because users shouldn't be able to override
admin's decisions.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 197 bytes
Desc: This is a digitally signed message part
Url : http://dovecot.org/pipermail/dovecot/attachments/20090220/14f7cf60/attachment.bin 


More information about the dovecot mailing list