> For the mail storage we can solve the privacy problem by setting
> the permissions for ~/Mail appropriately, but mhstore(1) seems to
> be the relevant point. If you set Nmh-Storage in the profile to
> store all files of to a central directory, which all users use,
> then Msg-Protect is relevant.
> I would like to have Msg-Protect removed, but I am not sure if we
> cut off valuable possibilities at the same time. Actually, the
> point is that my feeling is that I don't see far enough in this
> topic to be conviced of any decision.
> But I would say that we can remove it from everywhere except
> from mhstore(1), without problem.
I agree, that `chown 700 ~/Mail' is good enough to protect my email
from other non-root users on same computer.
But I do not see mhstore as anything special. Consider an analogy:
- user launches her favorite browser and open her webmail. It's
content is safe from other users (they can't ptrace browser, do
they?). Browser + remote server is analogous to mmh + ~/Mail (700).
- Now she downloads attachment from her webmail into ~/Downloads
directory. It gets access permissions according to browser
umask. This is analogous to mhstore.
- Browser do not have any special configurations about downloads
permissions. Why should mhstore?
If I store my files into shared directory, I understand what does it
means. If I do not like it, I store files into directory, where no one
have access to.