On Tue, 7 Feb 2006, Robert Schmid wrote:
I have one user with complete access to another users mailbox hierarchy.
I dumped the entire mailbox database using ctl_mailbox -d.
I deleted two lines for a couple of shared directories and double checked
the permissions for the two users. I could see nothing that would allow
the one user to see the other. Also there appears to be a folder 'Other
Users' under which the other user's directory is seen. There was no sign
of a mailbox called 'Other Users' in the database.
I then rebuilt the mailboxes database from the text file. As expected the
two shared folders were gone but the one user can still see the other
user's hierarchy.
"Other Users" is how you see other user mailboxes when you have sort of
access to them, from an IMAP client. You won't find "Other Users" in the
mailboxes.db.
Where else should I look to find out how this user is getting access to
these other mailboxes?
What are the permissions on the mailbox that appears under Other Users?
Perhaps there is an ACL on a subfolder of that mailbox that is granting
access? What does "sam user.foo" say for the user foo in this case?
Andy
----
Cyrus Home Page: http://asg.web.cmu.edu/cyrus
Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu
List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
