[Dovecot] master user and ACL's
Peter Mogensen
apm at one.com
Sun Feb 9 08:36:04 UTC 2014
Hi,
Quick question...I read in the docs that:
"Master user is still subject to ACLs just like any other user, which
means that by default the master user has no access to any mailboxes of
the user."
... and that the standard workaround is to return master_user=%u from
the userdb.
But why is the master_user authn-id used in the ACLs and not the
authz-id (requested-login-user) ?
Isn't the whole point of SASL authz-id semantics to have authorization
resolved based on the authz-id?
/Peter
More information about the dovecot
mailing list