[Dovecot] ACLs are applied recursively to sub mailboxes
Sascha Wilde
wilde at intevation.de
Mon Mar 9 17:46:44 EET 2009
Timo Sirainen <tss at iki.fi> writes:
> On Wed, 2009-03-04 at 17:01 +0100, Sascha Wilde wrote:
>> Hi *,
>>
>> The problem is most noticeable when a user shares his INBOX[0][1] with
>> others:
>>
>> User A sets his INBOX acls to "eilprwtsd"
>>
>> Now User B can see _all_ sub mailboxes and sub sub [...] mailboxes and
>> their contents of User A:
>
> That shouldn't happen. There's no code for doing recursive ACLs. Sounds
> more like a bug somewhere. I'll check it later.
Hi, have you already found the time to have a look at it? Otherwise it
might be a good idea if we (== any of the Kolab people at Intevation)
had a look at some of the ACL problems I reported?
cheers
sascha
--
Sascha Wilde OpenPGP key: 4BB86568
http://www.intevation.de/~wilde/ http://www.intevation.de/
Intevation GmbH, Neuer Graben 17, 49074 Osnabrück; AG Osnabrück, HR B 18998
Geschäftsführer: Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 188 bytes
Desc: not available
Url : http://dovecot.org/pipermail/dovecot/attachments/20090309/81b1cddb/attachment.bin
More information about the dovecot
mailing list