Cross Domain ACL: Which are the security risks? *BID for CROSS DOMAIN ACL DEVELOPMENT*
lists at infosecurity.ch
Fri Dec 14 03:30:08 EST 2007
Ken Murchison wrote:
> Its been a long time since I looked into this, but I don't think there
> are any inherent security risks, as long as its coded carefully. If
> coded improperly, I could see a security nightmare. CMU doesn't have
> any immediate need to for this functionality, so its not on top of my
> TODO list. I would gladly look at a patch that implemented cross
> domain ACLs as an optional (via imapd.conf) feature.
i would like to really thank you about the CMU strategial point of view
about the Cross Domain ACL.
I would like to get the opportunity to ask to everyone on the list if
there is someone interested in a paid consultancy for the development of
this feature, the development in a clean and polite way so that it can
be accepted by Cyrus Project.
Please, anyone interested and/or that know someone who can be interested
in such development activity please contact me privately to discuss
terms of agreement .
I really would like to provide financial support to this opensource
project for this feature!
More information about the Cyrus-devel