We are running cyrus imap on an OS X tiger server. I added a new user
to our openldap server with a groupname that matched the name of
another user, ie. username: doe, group: doe - newuser: jane, group: doe.
The new user jane was then able to see all of user doe's email
folders in a folder called "other users". (we use apple mail client
on tiger). Not only could she see but she had full access rights to
the other user's folders. Trying to remove the "other users" folder
from her mail account, the folder was deleted along with all of doe's
folders.
When I look at acls using cyrusadm there doesn't appear to be any
"group" access only user access.
I changed the name of the group to "doelab" and it appears that the
problem of seeing doe's mail has been resolved. But it seems to me
you should be able to have a username and a group be the same.
The only copy of the user's folders exist on a laptop that hasn't
been synch'd to the imap server since before the loss was discovered.
How do I get these folders back into the user doe's imap account?
----
Cyrus Home Page: http://asg.web.cmu.edu/cyrus
Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu
List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
