On Wed, 12 May 2004, David Nicol wrote: >bincimap is designed to use UID security. Is attention paid >to preventing file accesses outside of the designated IMAPdir? >I am developing an e-mail system under which all e-mail is owned >by the "email" user. I want to have the e-mail system handle >identifying and authenticating an IMAP connection, switch to the >IMAPdir for the correct user, and exec bincimap. >Will that work?
Not quite sure what you mean by the "email system", but I understand you correctly, this is how vpopmail and vmailmgr work already. The checkpassword program is simply replaced with one that does your special authentication mechanism (vmailmgr checks against a .password file in everyone's mail depository), then if all is okay, it chdirs to the correct depot, then executes bincimapd there. If you want to execute bincimap directly in a directory after authentication (if you do bincimap-up's job) then you'll run into some problems with special environment variables that need to be defined. In early stages of Binc IMAP, I never thought anyone would want to run bincimapd without bincimap-up, so the env variables are encoded in hex to avoid encoding problems. In 1.3 they will be plain, though. Andy :-) -- Andreas Aardal Hanssen | http://www.andreas.hanssen.name/gpg Author of Binc IMAP | "It is better not to do something http://www.bincimap.org/ | than to do it poorly."
