[Dovecot] ACLs are applied recursively to sub mailboxes

Timo Sirainen tss at iki.fi
Tue Mar 17 18:08:09 EET 2009


On Mar 16, 2009, at 4:12 PM, Timo Sirainen wrote:

> Hmm. I'm not sure if there's a reason for the existence of the default
> ACLs being looked up from dovecot-acl file. I think the initial fix
> could be to simply not do that. If someone really wants to have
> different default ACLs they could perhaps be stored in a file with
> different name.

Actually I remembered now: With global ACLs it allowed having .DEFAULT  
file describing the default ACLs, which could be used to e.g. allow  
some specific user access to everyone's maiboxes. So I guess the right  
fix would be to keep this behavior but not to look up INBOX's dovecot- 
acl file.



More information about the dovecot mailing list