That's doesn't scale very well, what if there are 1000 domains a person can manage, that's a very long line? Also your assumption might be a good start, but someone will end up wanting more flexibility, so Davide might as well not waste time on half a solution only to change it later to a complete flexible solution.
Bill >---------- >From: John Kielkopf[SMTP:[EMAIL PROTECTED]] >Sent: Thursday, March 07, 2002 7:55 AM >To: [EMAIL PROTECTED] >Subject: [xmail] Re: CTRL permissions > >I would think somthing as simple as extending the current ctrlaccounts.tab >from: > >"username"[TAB]"password"[NEWLINE] > >to: > >"username"[TAB]"password"[TAB]"domaina""[TAB]"domainb"[TAB]"domainc"<and so >on>[NEWLINE] > >making the assumption that if any domains exists after the password, the >user can only modify and view those domains, but can't add/delete domains, >nor view frozen messages, etc... etc. > >There's still a potential security hole with the "external" command of the >mailproc.tab, but I don't know how you would lock that down easily. Since >that file handles forwarding, etc., you couldn't just stop a user from >accessing it... you would have to filter users with lower access from >modifying or adding an external line, or you would have to add more CTRL >commands for managing parts of mailproc.tab... probably too much to ask >Davide to do. > >-John > > >----- Original Message ----- >From: "Bill Healy" <[EMAIL PROTECTED]> >To: <[EMAIL PROTECTED]> >Sent: Wednesday, March 06, 2002 10:57 PM >Subject: [xmail] Re: CTRL permissions > > >No need to encode each bit as one character, just make your example >decimal "117", then Davide can just treat it as a number and do logical >bit operations on it instead of having to do string operations. The >reason is if there is 100 bits that's alot of 1's and 0's but as a >decimal number it is relatively small. Or make it Hex "75". > >Bill > >>---------- >>From: DigitalPitstop[SMTP:[EMAIL PROTECTED]] >>Sent: Wednesday, March 06, 2002 8:13 PM >>To: [EMAIL PROTECTED] >>Subject: [xmail] Re: CTRL permissions >> >>Or manage it similarly to the way the current aliases are handled, all in >>one file >>"domain" "username" "bit mask of permission" >>"here.com" "billy" "1110101" >> >>This way we just come up with what the various bits mean in the bit mask. >> >> >> >>----- Original Message ----- >>From: "S�nke Ruempler" <[EMAIL PROTECTED]> >>To: <[EMAIL PROTECTED]> >>Sent: Wednesday, March 06, 2002 1:27 PM >>Subject: [xmail] Re: CTRL permissions >> >> >>> another suggestion: >>> >>> crtlaccounts/ >>> ctrlaccounts/.tab for global account >>> ctrlaccounts/domain.com.tab for domain access >>> >>> maybe a >>> [EMAIL PROTECTED] for user access, but that makes no sence >>to >>> me, maybe simply for give users the possibilty to change their password. >>> >>> the tab files could be formatted in that way: >>> >>> "username"<tab>"encryptedpassword"<tab>"permissions"<newline> >>> >>> as permissions there would be many things possible, such as useradd, >>> userdel, .... (almost for each ctrl command) - and maybe to grant rights >>to >>> other users maybe. >>> >>> i am impressed by the mysql access privilege system, which has to do >>alomost >>> the same (database-based, tabled-based, ip-based, ... authentication). >but >>> it is _very_ complex and would not be a few lines code :-). >>> >>> maybe someone merges mysql and xmail, then we had XMySil an everyone >would >>> be happy :-P. no, just a joke. >>> >>> >>> >>> - >>> To unsubscribe from this list: send the line "unsubscribe xmail" in >>> the body of a message to [EMAIL PROTECTED] >>> For general help: send the line "help" in the body of a message to >>> [EMAIL PROTECTED] >>> >> >>- >>To unsubscribe from this list: send the line "unsubscribe xmail" in >>the body of a message to [EMAIL PROTECTED] >>For general help: send the line "help" in the body of a message to >>[EMAIL PROTECTED] >> >> >- >To unsubscribe from this list: send the line "unsubscribe xmail" in >the body of a message to [EMAIL PROTECTED] >For general help: send the line "help" in the body of a message to >[EMAIL PROTECTED] > > > >- >To unsubscribe from this list: send the line "unsubscribe xmail" in >the body of a message to [EMAIL PROTECTED] >For general help: send the line "help" in the body of a message to >[EMAIL PROTECTED] > > - To unsubscribe from this list: send the line "unsubscribe xmail" in the body of a message to [EMAIL PROTECTED] For general help: send the line "help" in the body of a message to [EMAIL PROTECTED]
