Am 01.05.2012 02:29, schrieb Timo Sirainen:
On Mon, 2012-04-30 at 20:55 +0200, Robert Schetterer wrote:
Hi Timo
my tests resulted in
inheritance is given if a userfolder has set some acl to its new created
subfolder , which is nice
if some userfolder has its acl from global acl
there is no inheritance to its new created subfolders,
that subfolders will always created with full owner rights
i am not really sure if its a good idea
to have inheritance from global acl and
if its hackabel what is your idea to this ?
There is no ACL inheritance feature in Dovecot at all. The only thing
that kind of appears as being inheritance is that when you create a new
mailbox, its ACLs are copied from the parent's (but any future changes
to parent ACLs won't change the child's.)
I've been planning on changing how global ACLs work though. The idea
would be that you'd have a single dovecot-global-acl file that has
fields:
mailbox pattern ACL
So for example you could say:
foo user=tss lrw
This would work the same way as now. But you could also add:
foo/* user=admin lrwstipekxa
This would also apply to the children. Still, none of this is really
inheritance.
Hi Timo, i would say this would be good enough
for new handling global acls , however if its not really
inheritance
--
Best Regards
MfG Robert Schetterer
Germany/Munich/Bavaria