On 19.5.2005, at 18:15, Chris Wakelin wrote:
> I've had a go at adding a "readonly" namespace option to dovecot-1.0-stable. My idea is to provide access to NetApp ".snapshot" versions of NFS-mounted maildirs to let users recover their own messages. I'm not sure whether anyone else would find it useful, but here it is in case :-)
>
> There are two patches, one to add the option, the other to add some checking to various IMAP commands just in case the client doesn't behave itself when told the mailbox is read-only ;-)

How about if the readonly setting was set as a parameter in the location setting, so the storage code could handle it itself and set itself to a read-only state? Dovecot already supports read-only mboxes and maildirs, so I think this way you wouldn't have to add extra readonly checks.
Although you'd still have to add checks for create/delete/rename commands and that code would be mbox/maildir specific then..
But as you said, ACLs would be the real solution :) Hmm. Perhaps it's time to start thinking about those too. Normally ACLs would be set by the user himself for his own mailboxes. That case should be pretty simple. We could use some ACL-file and possibly the filesystem's own permissions as well. I think for public folders you'd also have them in some namespace, and the ACLs would be defined in there in a separate ACL-file.
But what about the kind of ACL support your snapshots case would need? It's kind of a special case because it's a namespace that points to a different location for every user. I think this falls into the same category as nondeletable folders that some people want for Drafts/Trash/etc. Would we need some globally defined ACL blocks in the configuration file where you can give a list of folder masks where it's effective? Maybe..
Are those two cases enough for everything anyone would want from ACLs?