[Dovecot] BUG(?): Incorrect responses for ACL prohibited actions

Timo Sirainen tss at iki.fi
Thu Feb 9 19:52:43 EET 2012


Continuing this old thread:

On Tue, 2011-05-10 at 22:46 -0600, Michael M Slusarz wrote:
> But as far as the NO for a non-silent STORE, it seems that RFC 4314  
> [4] disagrees with you:
>        STORE operation SHOULD NOT fail if the user has rights to modify
>        at least one flag specified in the STORE, as the tagged NO
>        response to a STORE command is not handled very well by deployed
>        clients.
> To me, the negative inference from this statement would be: "STORE  
> operation SHOULD fail if the user has no rights to modify at least one  
> flag specified in the STORE."

That's not the negative of it. :)

> At a minimum, a NOPERM response should be thrown, or else there is no  
> feedback at all why the flag was not set (without parsing ACLs).   

Perhaps OK [NOPERM] or some other kind of informational message about
it .. But there's no way to do it with Dovecot's current API.

Also RFC 3501 recommends implementing "session flags" for flags that
cannot be permanently stored. So even if user doesn't have access to set
any flags, a "well behaving IMAP server" (so not Dovecot :( ) would set
those flags for the duration of the current session.

Anyway, you can look at PERMANENTFLAGS reply to see if it's possible to
set the flag, no need to look at ACLs.

> >> My reading of this is that NOPERM should be returned for ANY ACL  
> >> prohibited action, not just for selecting or creating a mailbox.   
> >> Dovecot 2.0.12 does not return NOPERM for DELETE/EXPUNGE actions  
> >> (at a minimum) that are prohibited.
> >
> > I'm not really sure. Maybe for EXPUNGE a NO would be okay. For flag  
> > changes it's just annoying to see clients popup pointless error  
> > messages when trying to set a \Seen flag (or \Answered flag when  
> > replying).

Apparently I've tried this earlier, since there's a comment in code:

	ret = acl_mailbox_right_lookup(_mail->box, ACL_STORAGE_RIGHT_EXPUNGE);
	if (ret <= 0) {
		/* if we don't have permission, silently return success so
		   users won't see annoying error messages in case their
		   clients try automatic expunging. */

More information about the dovecot mailing list