[Dovecot] question dovecot Inheritance global acl vs userfolder acl
Robert Schetterer
robert at schetterer.org
Tue May 1 09:16:47 EEST 2012
Am 01.05.2012 02:29, schrieb Timo Sirainen:
> On Mon, 2012-04-30 at 20:55 +0200, Robert Schetterer wrote:
>> Hi Timo
>> my tests resulted in
>> inheritance is given if a userfolder has set some acl to its new created
>> subfolder , which is nice
>>
>> if some userfolder has its acl from global acl
>> there is no inheritance to its new created subfolders,
>> that subfolders will always created with full owner rights
>>
>> i am not really sure if its a good idea
>> to have inheritance from global acl and
>> if its hackabel what is your idea to this ?
>
> There is no ACL inheritance feature in Dovecot at all. The only thing
> that kind of appears as being inheritance is that when you create a new
> mailbox, its ACLs are copied from the parent's (but any future changes
> to parent ACLs won't change the child's.)
>
> I've been planning on changing how global ACLs work though. The idea
> would be that you'd have a single dovecot-global-acl file that has
> fields:
>
> <mailbox pattern> <ACL>
>
> So for example you could say:
>
> foo user=tss lrw
>
> This would work the same way as now. But you could also add:
>
> foo/* user=admin lrwstipekxa
>
> This would also apply to the children. Still, none of this is really
> "inheritance".
>
Hi Timo, i would say this would be "good enough"
for new handling global acls , however if its not really
inheritance
--
Best Regards
MfG Robert Schetterer
Germany/Munich/Bavaria
More information about the dovecot
mailing list