On Mar 17, 2009, at 12:08 PM, Timo Sirainen wrote:
On Mar 16, 2009, at 4:12 PM, Timo Sirainen wrote:
Hmm. I'm not sure if there's a reason for the existence of the
default
ACLs being looked up from dovecot-acl file. I think the initial fix
could be to simply not do that. If someone really wants to have
different default ACLs they could perhaps be stored in a file with
different name.
Actually I remembered now: With global ACLs it allowed
having .DEFAULT file describing the default ACLs, which could be
used to e.g. allow some specific user access to everyone's maiboxes.
So I guess the right fix would be to keep this behavior but not to
look up INBOX's dovecot-acl file.
Although if user creates new ACLs tat probably causes overriding
the .DEFAULT file, so this is a bit pointless. I guess it would be
nice to have "global ACLs that apply to all mailboxes regardless of
whether they contain their own ACLs", but I guess it can wait until
someone actually requests such feature :)
