On 6.10.2010, at 0.09, David Ford wrote:

> On 10/05/2010 06:44 PM, Timo Sirainen wrote:
>> On 5.10.2010, at 23.38, David Ford wrote:
>>
>>> net-mail group is used by sendmail, procmail, dovecot, and additional
>>> programs that read/write in the users mail directory.
>> Can you give some specific examples?
>>
> i did. sendmail accesses .forward or aliasing files,

Isn't .forward typically in home dir, not under maildir? I don't know about per-user aliases file (there's such a thing?), but I'd guess that is also under home dir.

> procmail does delivery, ..
> new/ and tmp/ are set to david:david 0700 as cur/ is

It can't do delivery as net-mail group if they're 0700.

> dovecot does read/write for imap, pine reads and writes and
> webmail cgi reads and writes or uses imap.

None of those can work either with net-mail group permissions since all the necessary dirs are 0700.

> .maildir cannot be 0700 because programs that don't run as
> the same userid but only as the group id cannot then access the .maildir
> directory. it's not important that they have access to files below the
> top level mail store. procmail issues an error when writing in tmp/ as
> well.

You still haven't given one example of where it's actually useful to have it 0770. Seems to me that your problem would simply go away with chmod 0700 .maildir.
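Added example, not part of the original message or of Dovecot: a small audit that evaluates, from the mode bits alone, what a process matching only the Maildir's group could do, run over the 0770/0700 combinations discussed in this thread. The function names and the temporary sample directories are constructed for illustration; it assumes plain POSIX mode bits (no ACLs) and a process that is not the owner.

```python
import os
import stat
import tempfile

SUBDIRS = ("tmp", "new", "cur")

def group_bits(path):
    """Return the group permission triplet of path as a set of 'r', 'w', 'x'."""
    mode = stat.S_IMODE(os.stat(path).st_mode)
    return {c for c, bit in (("r", stat.S_IRGRP), ("w", stat.S_IWGRP),
                             ("x", stat.S_IXGRP)) if mode & bit}

def audit_maildir(maildir):
    """Evaluate what a process matching only the directory's group could do."""
    top = group_bits(maildir)
    sub = {d: group_bits(os.path.join(maildir, d)) for d in SUBDIRS}
    # Delivery = create a file in tmp/, then rename it into new/: needs search
    # on the top level plus write+search on both subdirectories.
    can_deliver = "x" in top and all({"w", "x"} <= sub[d] for d in ("tmp", "new"))
    # Reading mail needs search on the top level and read+search on cur/ or new/.
    can_read = "x" in top and any({"r", "x"} <= sub[d] for d in ("cur", "new"))
    return {
        "top_group_bits": "".join(sorted(top)),
        "group_can_deliver": can_deliver,
        "group_can_read_mail": can_read,
        # Top-level group bits that enable neither delivery nor reading only
        # expose the top-level listing and permit changes to top-level entries.
        "top_bits_unused": bool(top) and not (can_deliver or can_read),
    }

def make_sample(top_mode, sub_mode):
    """Build a constructed Maildir skeleton with the given modes."""
    root = tempfile.mkdtemp()
    maildir = os.path.join(root, ".maildir")
    os.mkdir(maildir)
    for d in SUBDIRS:
        os.mkdir(os.path.join(maildir, d))
        os.chmod(os.path.join(maildir, d), sub_mode)
    os.chmod(maildir, top_mode)
    return maildir

if __name__ == "__main__":
    # (top-level mode, tmp/new/cur mode): the thread's case, the suggested fix,
    # and the layout that group delivery would actually require.
    for top, sub in ((0o770, 0o700), (0o700, 0o700), (0o770, 0o770)):
        print(oct(top), oct(sub), audit_maildir(make_sample(top, sub)))
```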
