[Dovecot] Shared mailboxes basics

[Steffen Kaiser]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Fri, 19 Mar 2010, Thomas Hummel wrote:

> Ok, but I still don't quite get it : if you use the same UID, doesn't this
> somehow equates giving something like 777 modes in the system user case ? (I
> mean on an OS level, problems related to such loose permission are the same
> and, if in 777, permissions are no longer a problem for dovecot) ?

I tried to hack some magic into Dovecot v1.2, in order to use system users 
with the default 0700 perms and ACLs.

My idea was to put everybody sharing folders and everybody, who may access 
shared folders, into the same group "doveshared", then leverage the 
Unix permissions, that this group may access the folders. So I do not need 
to use 0777 everywhere.

In fact, I was not able to find a reliable way to get the Unix-permissions 
right for new mails. Maybe this was because I didn't set ".dovecot-shared" 
or the Unix-permission of the Maildir base directory right.

I also got fchown() errors for shared mailboxes with write access to 
non-owners.

Because of this I dropped the idea to use system users with ACLs.

Do you use 0777 Unix perm on all Maildir's and mail folders? Is it working 
reliable, when mails are dropped with Deliver and APPEND, and when the 
MUA creates new (sub-)folders?

Regards,

- -- 
Steffen Kaiser
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)

iQEVAwUBS6c3nL+Vh58GPL/cAQIjBgf+IS5agBER7xrbNiHtxe+UPq3Xm4coeGAH
DAYsvhATIDoc26knA/NAaCf2ypH+QmddelhIkFhPy+JRLa9qmWd69W9/FRw8x8pe
Cpauds/Lwh/iH+apybECB4z5sQ6NZPYZoHJeEidKI/MZeaFnULO2ZDBVcSLK5X14
SmZC2Ji4plz8QPIRa671ZkTmAItViTBho8KTIDny/eJdFX6Acz0L6kLLUek7LrhW
4WpJCPfJ4+lTJE5Zjr7INZiX/2QXW7wp24/sq1j2C9Sd0fZawN3J45a3AKtcx1QW
LsfXH1J6FpvaLfNg+uIesYxwuACwbeWoMm0CZLyjgPnfXOGLErECuA==
=5dks
-----END PGP SIGNATURE-----