The real problem that you have to face is security. imapd uses the UNIX filesystem to authorize file access. If you allow other-user access at all you have to have as many unique access tokens as there are unique users. Otherwise joe would have free access to sally's files, just because joe and sally have the same UNIX UID.
If you disable other-user access in imapd (read about restrictBox), then you don't have to worry about this as much. Of course, then you have to trust imapd to make the right checks in all circumstances and that no clever hacker can figure a way around it.
I personally believe in 32-bit UNIX UIDs.
-- Mark --
http://staff.washington.edu/mrc Science does not emerge from voting, party politics, or public debate. Si vis pacem, para bellum.
