[Dovecot] moving mail from private inbox to public folder kills the latter
Jerrale G
jerrale at sheltoncomputers.com
Wed Aug 11 20:32:10 EEST 2010
On 8/11/2010 12:54 PM, Tamas Kadar wrote:
> On 8/11/2010 6:52 PM, Jerrale G wrote:
>> On 8/11/2010 12:49 PM, Tamas Kadar wrote:
>>> On 8/11/2010 6:45 PM, Jerrale G wrote:
>>>> On 8/11/2010 12:02 PM, Tamas Kadar wrote:
>>>>> Also, it's weird that the mail we have since we migrated to
>>>>> dovecot is
>>>>> either 700 or 755, most user's mailboxes are 777, so it shouldn't be
>>>>> 700...
>>>>>
>>>>> (Yeah, I know, not very secure, however no user has shell access,
>>>>> only
>>>>> by mail)
>>>>>
>>>>> Best regrds
>>>>> Tamas
>>>>>
>>>>> On 8/11/2010 5:52 PM, Tamas Kadar wrote:
>>>>>> Hi
>>>>>>
>>>>>> I've ran into something rather nasty: if a user moves a mail from
>>>>>> its
>>>>>> inbox to a public folder, the folder becomes inaccessible for
>>>>>> others,
>>>>>> because the moved file will have the the permission 600 instead
>>>>>> of 777
>>>>>> (or 666) which the rest of the emails have in the folder.
>>>>>>
>>>>>> How can I change this behavior so when he moves the mail it
>>>>>> automatically becomes world-readable? Also why one mail kills the
>>>>>> whole
>>>>>> folder?
>>>>>>
>>>>>> Here's the error I get:
>>>>>> Error:
>>>>>> open(/home/_shared/projects/.Long.Folder/cur/1281535484.M3B5A7P15183Q0.mail_espell_com:2,Sb)
>>>>>>
>>>>>>
>>>>>>
>>>>>> failed: Permission denied (euid=1000(ktamas) egid=1000(ktamas)
>>>>>> missing
>>>>>> +r perm:
>>>>>> /home/_shared/projects/.Long.Folder/cur/1281535484.M3B5A7P15183Q0.mail_espell_com:2,Sb,
>>>>>>
>>>>>>
>>>>>>
>>>>>> euid is not dir owner)
>>>>>>
>>>>>> Thanks and best regards
>>>>>> Tamas
>>>>>
>>>> make sure you have the namespaces specified for the public folders so
>>>> that the correct permissions will be set.
>>>>
>>>> http://wiki.dovecot.org/Namespaces
>>>>
>>>> J. G.
>>>>
>>>> J. G.
>>>>
>>>
>>> I think I set it right, here are my namespaces:
>>>
>>> # User's mailbox
>>> namespace {
>>> inbox = yes
>>> location =
>>> prefix =
>>> separator = .
>>> type = private
>>> }
>>>
>>> # The public namespace
>>> namespace {
>>> location = maildir:/home/_shared/projects:INDEX=~/Maildir/_shared
>>> prefix = shared.
>>> separator = .
>>> subscriptions = no
>>> type = public
>>> }
>> That is fine as long as you don't have a mysql query, berkeley, or
>> passwd file looking up the user's homedir, password, and such as well.
>> If you do, take out the namespace for private as this will defined
>> another way.
>>
>> J. G.
>
> Users are authenticated through PAM. No SQL or BerkeleyDB involved. Do
> you mean that I should disable the private namespace and only define
> the public?
>
> Tamas
Yes, because you have it authenticated and defined by PAM or mail_location=
J. G.
More information about the dovecot
mailing list