[Dovecot] dovecot-acl file questions
skdovecot at smail.inf.fh-brs.de
Tue Jun 16 16:20:39 EEST 2009
-----BEGIN PGP SIGNED MESSAGE-----
On Tue, 16 Jun 2009, Steffen Kaiser wrote:
> playing around with Dovecot's v1.2 ACLs I wondered about some things about
> the dovecot-acl files:
> + They are created within the Maildirs, as described in
> But why? Shouldn't they belong to the CONTROL= directories? So it is more
> compatible with filesystem quota.
> + They have 0666 permissions, but all other files (e.g. when I create a
> new mailbox) have 0660 permissions.
> Are the permissions selected explicitly to allow "a"-right for other
> (system) users?
OK, because of the "a"-right, any user must be potentially able to change
the dovecot-acl files, hence, they are neither in the CONTROL directory
nor permissions other than 0666. But why has dovecot-acl-list permissions
It looks like Dovecot first writes a temp file (*.lock), then replaces the
dovecot-acl file only, if no over quota happens.
There is a problem, if dovecot-acl could be updated, but dovecot-acl-list
could not. SETACL succeeds in this case, is this a problem?
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
-----END PGP SIGNATURE-----
More information about the dovecot