On 6/7/2013 12:55 PM, Sam Varshavchik wrote: > Jakob Bohm writes: > >> On 6/7/2013 12:10 AM, Sam Varshavchik wrote: >> > Jakob Bohm writes: >> > >> >> Alternatively (third fallback), a clear statement regarding the >> >> ability of Courier-IMAP to work with folders that are symlinked into >> >> multiple locations (this requires extensive scripting to create and >> >> remove symlinks as folders come and go, but might be doable if it >> >> doesn't upset the internal logic in Courier). >> > >> > Should be fine, except for one aspect. This isn't much different than >> > multiple IMAP servers using the same folder, which is what happens >> > when you use real shared folders. >> > >> > Except that each client will have the ability to delete the folder, >> > which will happily delete every message in the folder. Real shared >> > folders use ACLs to prevent that. But you have some exposure here. The >> > IMAP server needs write access to the maildir, in order to move new >> > mail from new to cur, as well as update some metadata files in the >> > mail folder's root. Which means that the IMAP server will have write >> > access to remove any message in the shared folder, and remove the >> > entire folder. Which won't be good. >> > >> Are you saying that ACLs on non-shared folders are ignored?, that >> would be quite a gaping hole I would say. > > No, they're not. But when you just symlink something into your > mailbox, for all intents and purposes it looks like a folder that's a > part of your mailbox, so you have full admin privileges, and can set > whatever ACLs you want on it. > > When you have real shared folders, it's quite clear if a shared folder > comes from another mailbox, and you do not have admin privileges on it > (unless the mailbox owner gives it to you). > Just too bad your implementation only works with one commonly available mail client then! >> >> > I would recommend that you hack the code and modify it to reject a >> > DELETE of a shared folder. Come to think of it, I like this idea >> > myself: refuse to DELETE or RENAME some folder if it's a symbolic >> link. >> > >> >> P.S. >> >> >> >> I am aware that the Courier suite includes a modified Squirrelmail >> > >> > It's not a modified Squirrelmail. It's original code, a webmail client >> > written from scratch. >> > >> Ahh, the "sq" in the name had me confused. > > Ancient history. "S" is for me. "Q" is for Qmail.
Enjoy Jakob -- Jakob Bohm, CIO, Partner, WiseMo A/S. http://www.wisemo.com Transformervej 29, 2730 Herlev, Denmark. Direct +45 31 13 16 10 This public discussion message is non-binding and may contain errors. WiseMo - Remote Service Management for PCs, Phones and Embedded ------------------------------------------------------------------------------ This SF.net email is sponsored by Windows: Build for Windows Store. http://p.sf.net/sfu/windows-dev2dev _______________________________________________ Courier-imap mailing list Courier-imap@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-imap
