[Dovecot] dovecot ignoring folder permissions on directory creation

[Timo Sirainen]

On Mon, 2009-11-16 at 13:54 +0000, Peter wrote:
> drwxr-xr-x 3 root   root     21 2009-11-16 13:36 /home
> drwxrwx--x 3 nobody maildir  21 2009-11-16 13:36 /home/mail
> 
> I would expect a user logging in to have their mail directory created
> automatically with the same permissions (but not necessarily the same
> group).

If the group isn't copied, what use is it to copy the group's
permissions?

I don't think Dovecot should copy the parent directory's permissions
when creating mail root dirs. It just seems too dangerous. I know some
people are using 01777 permission root directories, and that really
shouldn't be copied.

> I've tried pre-creation of /home/mail/adomain, /home/mail/adomain/auser and
> /home/mail/adomain/auser/Maildir in each case with permissions 0770 but in
> each case subsequent subdirectories and files are 0700/0600.

Pre-creation (e.g. in post-login script)
of /home/mail/adomain/auser/Maildir should work, and in my testing it
does:

~/Maildir3% ls -la
total 40
drwxrwxrwx  5 timo timo  4096 2009-11-23 16:46 ./
drwxr-xr-x 82 timo timo 12288 2009-11-23 16:41 ../
drwxrwxrwx  2 timo timo  4096 2009-11-23 16:46 cur/
-rw-rw-rw-  1 timo timo    64 2009-11-23 16:46 dovecot-uidlist
-rw-r--r--  1 timo timo     8 2009-11-23 16:46 dovecot-uidvalidity
-rw-r--r--  1 timo timo     0 2009-11-23 16:46 dovecot-uidvalidity.4b0b02ad
-rw-rw-rw-  1 timo timo   412 2009-11-23 16:46 dovecot.index.log
drwxrwxrwx  2 timo timo  4096 2009-11-23 16:46 new/
drwxrwxrwx  2 timo timo  4096 2009-11-23 16:46 tmp/

Looks like the dovecot-uidvalidity* permissions aren't correct, I'll fix those.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 197 bytes
Desc: This is a digitally signed message part
Url : http://dovecot.org/pipermail/dovecot/attachments/20091123/a5b84d87/attachment.bin