On 6.12.2010, at 23.02, Mike Abbott wrote: >> when ACL plugin is loaded the master user by default has no permissions to >> any mailbox. > > But without the ACL plugin a master user has all of the regular user's > access, including unlimited read/write/delete powers. Submit users don't > because of COMMAND_FLAG_OK_FOR_SUBMIT_USER.
Yes, but this is just an additional check that's enabled when submit_user != NULL. If it wasn't checked, there would be no difference between a submit_user and a master_user. So might as well call it master_user and add a submit-flag to enable this extra restriction. >> Maybe "master user" should have been named something more neutral, like >> "authentication user" or something.. > > Please no, not that. Do you know how messy it is already to grep through the > code for the words "master" and "user"? If you do change this name make it > something new to dovecot, like chameleon or usurper or something. I know authentication user would be a pretty horrible name. That's why I named it master user, because I couldn't think of anything better :) But I guess at least in wiki there should be more talk about "master user" not being the same as "admin user". There is actually already a check in imap-quota plugin that allows admin user to get quota for other users. This is checked from struct mail_user.admin boolean. Nothing ever sets that flag though..
