Hello,

On Sun, Oct 11, 2009 at 12:45:20PM +0200, Bjørn Mork wrote:
> Nicolas François <nicolas.franc...@centraliens.net> writes:
> 
> > When a user is created, useradd creates a /var/mail/$USER mailbox with
> > the mode 0660 (owned by $USER:mail).
> >
> > I heard this causes some issues for dovecot, and a solution could be to
> > move to mode 0600.
> 
> Where did you hear this?

It was a request on IRC.

> Exactly what did you hear?

IIRC, it was a problem for the support of shared mailboxes.
Index files are created whose permissions mimic the mailbox's permissions.
The 'mail' group ownership would require dovecot to be in the mail group.

I assume that this could be solved internally by dovecot, but it would be
easier (and safer) to move to a 0600 policy.

> Is this documented in a bug report?
> 
> Maybe some reference(s) to the bug report(s) would make it easier for
> the rest of us to understand the issues? 
> 
> 
> > Here is an extract from the Debian policy:
> >
> >      Mailboxes are generally either mode 600 and owned by <user> or mode
> >      660 and owned by `<user>:mail'[3].  The local system administrator may
> >      choose a different permission scheme; packages should not make
> >      assumptions about the permission and ownership of mailboxes unless
> >      required (such as when creating a new mailbox). 
> 
> Anyway, doesn't this make any dovecot issue a policy violation?  Or am I
> misunderstanding the "packages should not make assumptions about the
> permission and ownership of mailboxes" part?

It would be a violation of a "should".
This "should" is also followed by "unless required", which is vague enough
to include any technical reason dovecot may have.

Best Regards,
-- 
Nekral
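
As an added illustration (not part of the original message, and not code from useradd or dovecot), a small Python audit that checks each mailbox in a spool directory against the two schemes named in the quoted policy text. The function names and result labels are hypothetical; `/var/mail` is the path mentioned in the thread.

```python
import grp
import os
import pwd
import stat
import sys


def classify(name, mode, owner, group):
    """Compare one mailbox with the two schemes in the quoted policy text."""
    perms = stat.S_IMODE(mode)
    if owner != name:
        return "owner-mismatch"        # not owned by the user it is named after
    if perms == 0o600:
        return "policy-600"            # only the user can read or write
    if perms == 0o660 and group == "mail":
        return "policy-660-mail"       # members of group mail can read and write too
    if perms & 0o007:
        return "world-accessible"      # any local account has some access
    return "other-scheme"              # locally chosen scheme, which the policy allows


def resolve_name(lookup, ident):
    """Return the account or group name, or the numeric id if it has no entry."""
    try:
        return lookup(ident)[0]
    except KeyError:
        return str(ident)


def audit_spool(spool="/var/mail"):
    """Map each entry in the spool directory to a classification label."""
    results = {}
    for entry in os.scandir(spool):
        st = entry.stat(follow_symlinks=False)   # do not follow symlinks in the spool
        if not stat.S_ISREG(st.st_mode):
            results[entry.name] = "not-regular-file"
            continue
        results[entry.name] = classify(
            entry.name, st.st_mode,
            resolve_name(pwd.getpwuid, st.st_uid),
            resolve_name(grp.getgrgid, st.st_gid))
    return results


if __name__ == "__main__":
    spool_dir = sys.argv[1] if len(sys.argv) > 1 else "/var/mail"
    for mailbox, label in sorted(audit_spool(spool_dir).items()):
        print(f"{mailbox}: {label}")
```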

