Paul J Stevens <[EMAIL PROTECTED]> said: > > Aaron Stone wrote: > >> Oh, that's perfect then. So the next question is what steps would we want >> to take in the dbmail utilities to restrict access to add/modify/delete >> users, maintain the database, etc? > > That's easy. You've already added the -f switch to all tools. So you can > already use different configs for different tasks using different > db-users with different privileges.
Interesting, but not what I'm getting at. I'd like to have non-administrative, untrusted users able to hold accounts on a machine running DBMail and not have the risk of them mucking around with DBMail's database. [snip] > But what started this thread was the current misconception in the acl > code that assumes a 1-1 relation between a mailbox, a user, and a acl > mask. There's simply no concept of group logic in the current code. Oh, that doesn't sound good. Ilja's hip to the ACL code, hopefully he'll have more insight on how to deal with the issue that you've raised... Aaron --
