Ilja Booij <[EMAIL PROTECTED]> said:

>>> RFC 2086 defines the special user 'anyone' to change rights for every
>>> user (for example make a mailbox readable for every user - that's what I
>>> try to do). Am I right that 'anyone' isn't implemented yet?

[snip]

> One key thing to notice is this:
> We need to add a user to the database with the name 'anyone'. This is
> unavoidable. We cannot have another user with the name 'anyone', even if
> we put IMAP_ACL_ANYONE in the database with an obfuscated name, like
> [EMAIL PROTECTED]@__, because a command like
>
> SETACL mailbox anyone lr
>
> would not make any sense anymore.
>
> Anyway:
> The code has been fixed (it also works without an 'anyone' user in the
> database). We just need to put the 'anyone' user into the database in
> the creation & migration scripts.
Makes sense to add a list of reserved users to the database. I wonder how we'd want to handle this for LDAP, though? Would it really be a bad thing if somebody logged in as anyone? I suppose that the main issue would then be making sure that the administrator realizes that 'anyone' isn't the 'anyone' account, it is literally *anyone* on the system...

I'd like to propose that for > 2.0, we have a system like mysql does for access control to the database. Especially if we are moving the tools to man.8, it might also make sense to setuid them, make the config file root read-only, and then use privilege flags in the database to determine if the user running the particular dbmail-* program has rights to view or modify the database in an administrative way.

Aaron
--
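Added example (not DBMail's code): a small Python model of the RFC 2086 behaviour the thread is about, showing why 'anyone' has to be a reserved name at account creation and how a SETACL on 'anyone' reaches every user. The in-memory store, the function names and the mailbox and user names are constructed for illustration; the rights letters, the 'anyone' identifier and the +/- modifier forms of SETACL are from RFC 2086.

```python
from typing import Dict, Set

# RFC 2086 rights: lookup, read, seen, write, insert, post, create, delete, administer
RFC2086_RIGHTS = "lrswipcda"
ANYONE = "anyone"                 # RFC 2086 special identifier meaning every user
RESERVED_IDENTIFIERS = {ANYONE}   # names that must never become real accounts

# Constructed store: acl[mailbox][identifier] -> set of rights letters
ACLStore = Dict[str, Dict[str, Set[str]]]


def is_valid_account_name(name: str) -> bool:
    """An account name collides with ACL semantics if it is a reserved identifier."""
    return bool(name) and name not in RESERVED_IDENTIFIERS


def create_user(users: Set[str], name: str) -> None:
    """Hypothetical account creation: refuse reserved identifiers such as 'anyone'."""
    if not is_valid_account_name(name):
        raise ValueError(f"'{name}' is a reserved ACL identifier, not an account name")
    users.add(name)


def setacl(acl: ACLStore, mailbox: str, identifier: str, rights: str) -> None:
    """Model SETACL: 'lr' replaces, '+lr' adds, '-lr' removes (RFC 2086 forms)."""
    mode = rights[0] if rights[:1] in "+-" else None
    letters = set(rights[1:] if mode else rights)
    bad = letters - set(RFC2086_RIGHTS)
    if bad:
        raise ValueError(f"unknown rights letters: {''.join(sorted(bad))}")
    entry = acl.setdefault(mailbox, {}).setdefault(identifier, set())
    if mode == "+":
        entry |= letters
    elif mode == "-":
        entry -= letters
    else:
        acl[mailbox][identifier] = letters


def myrights(acl: ACLStore, mailbox: str, user: str) -> str:
    """Effective rights for a user: their own entry unioned with the 'anyone' entry.

    Because 'anyone' is resolved here rather than looked up as a user, a real
    account named 'anyone' would make this lookup ambiguous, which is the
    collision the thread describes.
    """
    entries = acl.get(mailbox, {})
    effective = entries.get(ANYONE, set()) | entries.get(user, set())
    return "".join(r for r in RFC2086_RIGHTS if r in effective)
```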