On Mar 16, 2009, at 4:12 PM, Timo Sirainen wrote:
Hmm. I'm not sure if there's a reason for the existence of the default ACLs being looked up from dovecot-acl file. I think the initial fix could be to simply not do that. If someone really wants to have different default ACLs they could perhaps be stored in a file with different name.
Actually I remembered now: With global ACLs it allowed having .DEFAULT file describing the default ACLs, which could be used to e.g. allow some specific user access to everyone's maiboxes. So I guess the right fix would be to keep this behavior but not to look up INBOX's dovecot- acl file.
