Ken Jones wrote:
Any votes on which way of specifying directories would be easier from the client program's point of view? a) full paths b) relative based on user or command
As long as you tell me where ~vpopmail is when I login, always using fully qualified paths will be easiest, I think. That way I don't have to change how I build commands depending on the access level of the user.
On login I could send vpopmail_dir /base/path/to/~vpopmail
It looks like you already are. When I logged in as SA, the first response is
which is ~vpopmail/ on my system. I want to make sure this is easy for people so we don't end up with a bunch of /home/vpopmail/'s hard coded in people's programs. Not everyone wants all their email in /home, and it should be easy to adapt.
I think it should be an error if:
SA asks for anything above ~vpopmail/domains
QA asks for anything above ~vpopmail/domains/mydomain
or a regular user above ~vpopmail/domains/mydomain/myhomedir
I think I would prefer if you hid the ~vpopmail/domains part from me entirely, and prepended it to my requested paths. A person coding on the PHP end of the daemon doesn't need to know anything about the actual directory structure in the machine.
Gotcha. There is code for validating directory input to restrict each level of user to their respective base directories. Also it is checking for ".." in any part of the directory. In case input tries to walk down to / and trod on any file in the filesystem. Any other things we should check for? Perhaps "%" in filenames?
If you wanted to create/update the Vacation file for [EMAIL PROTECTED], you would specify:
I think it is best to allow either one...
If first char is '/', remove it.
For all users add ~vpopmail/domains/ before the specified path.
If regular user verify specified path starts with test.com/user/
If Domain Admin verify specified path starts with test.com/
If System Admin verify specified path actually exists
When adding files or directories chop of the last term, and verify the parent directory exists. Listing, reading or removing - verify the actual file or directory exists.