Cross Domain ACL: Which are the security risks?
murch at andrew.cmu.edu
Wed Dec 12 10:06:46 EST 2007
Fabio Pietrosanti wrote:
> Hi all,
> I really need to have Cross Domain ACL within Cyrus IMAP, otherwise it's
> a huge limitation that does not permit having 'shared folders' between
> users belonging to different domains (user1 at domain1.com and
> user2 at domain2.com).
> MS Exchange already has this kind of feature.
> When Cyrus is used in a groupware environment like Kolab, the imap
> folders represent groupware resources used for calendaring, contacts,
> todo, etc, etc.
> So sharing folders is very important.
> I really would like to understand which are the security risks perceived
> by the Cyrus project's developer about the implementation of Cross
> Domain ACL.
It's been a long time since I looked into this, but I don't think there
are any inherent security risks, as long as it's coded carefully. If
coded improperly, I could see a security nightmare. CMU doesn't have
any immediate need for this functionality, so it's not on top of my
TODO list. I would gladly look at a patch that implemented cross domain
ACLs as an optional (via imapd.conf) feature.
> IMHO they are a must (along with the sharedseen).
sharedseen is implemented in 2.3.10 and 2.3.11. It's a per-mailbox
feature enabled by setting the /vendor/cmu/cyrus-imapd/sharedseen
annotation to true.
Project Cyrus Developer/Maintainer
Carnegie Mellon University