[Dovecot] Feature request for maildir style boxes
Timo Sirainen
tss at iki.fi
Wed Oct 6 03:17:55 EEST 2010
On 6.10.2010, at 0.56, David Ford wrote:
> what is the purpose in dovecot assuming that it should set a gid other
> than the userid:gid it's operating under?
Shared mailboxes.
> security minded folks make explicit permissions on directories to
> prevent software from errantly setting loose ownership which might lead
> to unintended information leakage or unauthorized access by other
> software. the directory is not setgid, programs should not attempt to
> give away ownership unless directed to.
Maybe it should have been done only with g+s mode set. I may have had a reason for why I didn't do it that way, or maybe not. Changing it now would anyway break existing installations, so that doesn't seem like a great idea either.
More information about the dovecot
mailing list