On Mon, 2010-03-22 at 11:05 +0100, Thomas Hummel wrote: > On Mon, Mar 22, 2010 at 10:25:45AM +0100, Steffen Kaiser wrote: > > > My idea was to put everybody sharing folders and everybody, who may access > > shared folders, into the same group "doveshared", then leverage the > > Unix permissions, that this group may access the folders. So I do not need > > to use 0777 everywhere.
Oh, I got mixed you two up in my previous reply :) > So basically, you get to the "single UID virtual users" solution but with GID, > right ? > > Do you mean your maildirs are all in 0770 <user> doveshared ? But it still > gives too much permission in general...Especially if your users can access > their mailboxes outside of IMAP (NFS, CIFS, ...). How do you deal with that ? You don't need to put all users into doveshared group. You just need to set mail_extra_groups=doveshared, so only Dovecot processes have such extra access.
signature.asc
Description: This is a digitally signed message part
