[Dovecot] dovecot-acl file questions

[Steffen Kaiser]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Tue, 16 Jun 2009, Steffen Kaiser wrote:

> playing around with Dovecot's v1.2 ACLs I wondered about some things about
> the dovecot-acl files:
>
> + They are created within the Maildirs, as described in
> http://wiki.dovecot.org/ACL.
>
> But why? Shouldn't they belong to the CONTROL= directories? So it is more
> compatible with filesystem quota.
>
> + They have 0666 permissions, but all other files (e.g. when I create a
> new mailbox) have 0660 permissions.
>
> Are the permissions selected explicitly to allow "a"-right for other
> (system) users?

OK, because of the "a"-right, any user must be potentially able to change 
the dovecot-acl files, hence, they are neither in the CONTROL directory 
nor permissions other than 0666. But why has dovecot-acl-list permissions 
0660?

It looks like Dovecot first writes a temp file (*.lock), then replaces the 
dovecot-acl file only, if no over quota happens.
There is a problem, if dovecot-acl could be updated, but dovecot-acl-list 
could not. SETACL succeeds in this case, is this a problem?

Bye,

- -- 
Steffen Kaiser
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)

iQEVAwUBSjecKnWSIuGy1ktrAQLQTgf+KcqbDLsVp3D5GBVGlRZamxmZYzietdpT
oOYqIupoFkFpM+G//kHCKYBRF2szdpJKxywYeJR4LRTT7pEkW51p+FIRc0B+qAGO
XRBX+K1X/JAXHKabA+ruWOWWE0F9bWrB7AqxiW44rGxXP7mTezaDLYTOVG5ojHx3
2su3CAmPX18TSKWy/V98OdPGcd+LxvsotQi1a+5fky47LKZRtVxzxp5ZqTtyRB1g
EorY2u+B2dZfYhFjwJoqxtqiHpVjIPBeXxQcOO5Fbg/SHVLL01TrzmqDeMu5DazT
8A63YZc1hWTDhddQUljs5e6tT7Hsfx/0FvZhzEZQfJsCC7EZT3UiiQ==
=qXTX
-----END PGP SIGNATURE-----