[Dovecot] Help needed with plugin - Read Only access to IMAP mailbox

Timo Sirainen tss at iki.fi
Wed Aug 25 17:25:46 EEST 2010


On Wed, 2010-08-25 at 15:51 +0200, Chris Moules wrote:
> > I think you could pretty easily add support for "default ACL file" that
> > is used instead of the internal ACL defaults. I've been planning on
> > doing that at some point anyway. Maybe ~/Maildir/dovecot-acl-default or
> > something.
> 
> So, that should be a patch to the current ACL plugin?

Yes.

> Any pointers on where to start with that? I only started on dovecot plugin programming yesterday. The ACL plugin seemed the most 
> complex so I avoided it for 'learning'.

Hmm.. Now that I look at the code, the default ACL handling is a bit
strange and I guess it needs some rethinking. But, I think for your
purpose you can do it very easily. acl-backend.c contains:

static const char *const owner_mailbox_rights[] = {
  ..

Simply change that list to what rights you want to have (probably
LOOKUP, READ).

> >> The plugin forces the MAILBOX_OPEN_READONLY flag in a mailbox_open() call.
> > 
> > Yeah .. this flag isn't enforced much really.. I think I should just
> > remove it.
> > 
> 
> Well, that explains why it seemed to work, but not really.
> An alternative to removing it could be to enforce it...

The reason why I didn't want to do that was because it wasn't entirely
clear what operations should be readonly and what shouldn't. For example
originally I was using READONLY whenever mailbox was opened with IMAP's
EXAMINE command instead of SELECT command. But it's still valid to save
a new message via APPEND command, because it doesn't care about what
mailbox is selected at the time. But Dovecot optimized this so that it
used the existing EXAMINEd readonly mailbox, which then failed saving.
Another possible fix would have been to simply open the same mailbox
again as readwrite, but that wasted CPU, memory and maybe disk I/O..



More information about the dovecot mailing list