On 6.10.2010, at 0.09, David Ford wrote:

> On 10/05/2010 06:44 PM, Timo Sirainen wrote:
>> On 5.10.2010, at 23.38, David Ford wrote:
>>> net-mail group is used by sendmail, procmail, dovecot, and additional programs that read/write in the user's mail directory.
>> Can you give some specific examples?
> I did. sendmail accesses .forward or aliasing files,

Isn't .forward typically in home dir, not under maildir? I don't know about per-user aliases file (there's such a thing?), but I'd guess that is also under home dir.

> procmail does delivery, .. new/ and tmp/ are set to david:david 0700 as cur/ is

It can't do delivery as net-mail group if they're 0700.

> dovecot does read/write for imap, pine reads and writes and webmail cgi reads and writes or uses imap.

None of those can work either with net-mail group permissions since all the necessary dirs are 0700.

> .maildir cannot be 0700 because programs that don't run as the same userid but only as the group id cannot then access the .maildir directory. It's not important that they have access to files below the top level mail store. procmail issues an error when writing in tmp/ as well.

You still haven't given one example of where it's actually useful to have it 0770. Seems to me that your problem would simply go away with chmod 0700 .maildir.
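Added example, not part of the original message: a small Python audit of what a process holding only the maildir's group can do, based on mode bits alone (ownership and ACLs are ignored). The function names, result keys and the temporary `.maildir` tree are constructed for illustration.

```python
import os
import stat
import tempfile

TRAVERSE = stat.S_IXGRP                 # group may enter a directory
CREATE = stat.S_IWGRP | stat.S_IXGRP    # group may create or rename files in it


def mode_bits(path):
    """Permission bits of path, without the file-type bits."""
    return stat.S_IMODE(os.stat(path).st_mode)


def audit_maildir(root):
    """Summarise group access to a Maildir from its mode bits."""
    top = mode_bits(root)
    sub = {d: mode_bits(os.path.join(root, d)) for d in ("tmp", "new", "cur")}
    can_enter = (top & TRAVERSE) == TRAVERSE
    # Maildir delivery writes the message into tmp/ and then moves it to new/.
    can_deliver = can_enter and all(
        (sub[d] & CREATE) == CREATE for d in ("tmp", "new")
    )
    return {
        "top": oct(top),
        "sub": {d: oct(m) for d, m in sub.items()},
        "group_can_enter": can_enter,
        "group_can_deliver": can_deliver,
        # Group bits are set on the top level, yet delivery is still impossible.
        "group_top_only": bool(top & stat.S_IRWXG) and not can_deliver,
    }


def sample_audit(top_mode, sub_mode):
    """Build a constructed Maildir in a temp dir and audit it."""
    with tempfile.TemporaryDirectory() as base:
        root = os.path.join(base, ".maildir")
        os.mkdir(root)
        for d in ("tmp", "new", "cur"):
            os.mkdir(os.path.join(root, d))
            os.chmod(os.path.join(root, d), sub_mode)  # chmod ignores the umask
        os.chmod(root, top_mode)
        return audit_maildir(root)


if __name__ == "__main__":
    for top, sub in ((0o770, 0o700), (0o700, 0o700), (0o770, 0o770)):
        print(oct(top), oct(sub), sample_audit(top, sub))
```
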