* On 25 Jun 2015, Derek Martin wrote: > to secure it. That is a massive security failure. If other people > are on your system and have access to the directory where your > attachments are stored, YOU DO NOT WANT THIS. And if not, YOU DO NOT > NEED THIS. So practically speaking there's no good, and significant
I generally agree with Derek but I want to point out one exception to this. There are use cases for allowing specific roles/service accounts access to your unvetted email attachment files. (I would expect these generally have to do with file sharing/export.) Conventionally the only way around this is to proactively degrade your data security and allow world (or group) access. I wonder if this is a strong enough argument to support configurable POSIX ACLs in mutt, and what exactly that support should consist of. -- David Champion • d...@bikeshed.us
signature.asc
Description: PGP signature
