On Fri, 2006-09-29 at 11:11 -0500, Logan Shaw wrote:
[1] Specifically, if getpwnam() returns a username that doesn't match what it was called with, dovecot calls i_fatal() whose output I assume will go to the log file. Since (a) the wrong messages got downloaded, and (b) I didn't see any "BROKEN NSS IMPLEMENTATION" message in the log file, I assume the check isn't firing.
I haven't before heard that this check wouldn't have caught the problem, but since I don't know what exactly the bug in nss_ldap is, I guess it's possible that sometimes the username is correct but the rest of the data (uid and home dir especially) isn't..
In any case, the only case when I've ever heard that user has had access to another user's mailbox accidentally is with nss_ldap, so I'm pretty sure that's the problem even if my check isn't working.