On 6.10.2010, at 0.56, David Ford wrote: > what is the purpose in dovecot assuming that it should set a gid other > than the userid:gid it's operating under?
Shared mailboxes. > security minded folks make explicit permissions on directories to > prevent software from errantly setting loose ownership which might lead > to unintended information leakage or unauthorized access by other > software. the directory is not setgid, programs should not attempt to > give away ownership unless directed to. Maybe it should have been done only with g+s mode set. I may have had a reason for why I didn't do it that way, or maybe not. Changing it now would anyway break existing installations, so that doesn't seem like a great idea either.
