-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
On Tue, 24 Oct 2006, Timo Sirainen wrote:
I think the "public folders" configuration will stay as it is now. Does it really even need anything else? The problematic case is how the users can share their mailboxes to other users. There are two problems related to it:
- How to get (quickly) a list of another user's mailboxes that I have access to?
You need this information for "LIST"? Just asking, it would help for large folder structures only, right? Otherwise, it adds yet another redundant stuff, one needs to maintain and probably fix, e.g. run a nightly job to verify the symlinks.
- How to get quickly a list of all users who have mailboxes that I have access to?
Why do you need this information? Wouldn't it better to pass this information araund via, say, EMail? Then an user may SELECT a specific mailbox directly or can LIST an specific user.
===
What worries me more is the information in the following two pages: http://wiki.dovecot.org/ACL http://wiki.dovecot.org/SharedFolders
For virtual users (with just one account for all users) there is no problem, but for real users ACLs superceed filesystem permissions. Dovecot would need to maintain the "dovecot-shared" files as well as mangle the permissions correctly.
For global shared mailboxes one need to create a group giving all users get read / write permission, possibly narrowed down by the ACLs. But users with shell access can bypass the ACLs.
When an user shares a mailbox to other users, either all these users must belong to one group or Dovecot need to create a group dynamically for them.
Bye,
Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.1 (GNU/Linux)
iQEVAwUBRT9nQi9SORjhbDpvAQKDgAf9EGtrFYcK84kAuDUiX/NovsnsxkALowRx OiedYNe5zXYhJnsss4PPxy6G2MtR6kEuP5z98r/HY0Koa2G/SmCjVGRmMnT1ZN0S Yf/igXU5HLSMllT3Kz4R3O5pwBFLDQieLufNrL3FCkbgCEqD/t3TGvBM/C+WKY3f pQyBzPbacUT4NqwlvLlRlC0UhgGHbpaCGdK6kTIsY6LH1xW90/W0wDbQNLSRZULP bgddCONV+jrbPFh/vZhH+Zjle9IWqKlKxUxSO+7R2ZYfrqQ+8AcRC8ElKZGDx8Ok 0CtZ3Ovi62qxbcqJrpk8I7fgvsL/Uw7VROZL5+pyKt5smGzl7FEL0g== =sr1Q -----END PGP SIGNATURE-----