21 Nov
2007
21 Nov
'07
5:20 a.m.
I noticed this today, I had a user outside of our department test out
dovecot. They were using squirrelmail and I noticed that dovecot thinks
this user is subscribed to ALL public folders even though a dovecot
ACL prevents all access. I'm pretty sure access is still denied.
I was able to reproduce this with a guest account I added:
l lsub "" "#shared/decs/%"
- LSUB (\Noselect) "/" "#shared/decs/linuxadmin"
- LSUB (\Noselect) "/" "#shared/decs/jbossadmin"
- LSUB () "/" "#shared/decs/support"
- LSUB () "/" "#shared/decs/receipts"
- LSUB (\Noselect) "/" "#shared/decs/pcadmin"
- LSUB () "/" "#shared/decs/network"
- LSUB (\Noselect) "/" "#shared/decs/printmaster"
- LSUB () "/" "#shared/decs/postmaster"
- LSUB (\Noselect) "/" "#shared/decs/unixadmin"
- LSUB () "/" "#shared/decs/security"
- LSUB (\Noselect) "/" "#shared/decs/webmaster" l OK Lsub completed.
This only seems to happen when the acl plugin is enabled. Without the acl plugin, these are not listed as subscriptions. After deleting /egr/mail/shared/decs/dovecot-acl-list and re-enabling the acl plugin, I get this:
l lsub "" "#shared/decs/%"
- LSUB () "/" "#shared/decs/unixadmin"
- LSUB () "/" "#shared/decs/support"
- LSUB () "/" "#shared/decs/security"
- LSUB () "/" "#shared/decs/printmaster"
- LSUB () "/" "#shared/decs/postmaster"
- LSUB () "/" "#shared/decs/pcadmin"
- LSUB () "/" "#shared/decs/network"
- LSUB () "/" "#shared/decs/linuxadmin"
- LSUB () "/" "#shared/decs/webmaster"
- LSUB () "/" "#shared/decs/jbossadmin" l OK Lsub completed.
Is it related, or is it different just because a new dovecot-acl-list got created by another user already (but is mode 700?)