[Dovecot] ACLs are applied recursively to sub mailboxes
Timo Sirainen
tss at iki.fi
Wed Mar 4 18:19:44 EET 2009
On Wed, 2009-03-04 at 17:01 +0100, Sascha Wilde wrote:
> Hi *,
>
> The problem is most noticeable when a user shares his INBOX[0][1] with
> others:
>
> User A sets his INBOX acls to "eilprwtsd"
>
> Now User B can see _all_ sub mailboxes and sub sub [...] mailboxes and
> their contents of User A:
That shouldn't happen. There's no code for doing recursive ACLs. Sounds
more like a bug somewhere. I'll check it later.
> * ACL "INBOX" "A at example.com" akxeilprwtscd "B at example.com" eilprwtsd "A at example.com" lrwstipekxacd
A at example.com is there twice?..
> * LIST (\HasChildren) "/" "user/1 at aztec.intevation.de/foobar"
How does user B see this mailbox's ACLs? Is the mailbox also selectable?
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 197 bytes
Desc: This is a digitally signed message part
Url : http://dovecot.org/pipermail/dovecot/attachments/20090304/a7b680a3/attachment.bin
More information about the dovecot
mailing list