R: Cross Domain ACL: Which are the security risks? *BID for CROSSDOMAIN ACL DEVELOPMENT*

[Toschi Pietro]

Please forgive me for my question, I'm mostly a beginner, but I really miss what crossdomain ACL are and would be used for.
Will you be so kind and explain a little more about that?

Pietro



-----Messaggio originale-----
Da: cyrus-devel-bounces at lists.andrew.cmu.edu [mailto:cyrus-devel-bounces at lists.andrew.cmu.edu] Per conto di Fabio Pietrosanti
Inviato: venerdì 14 dicembre 2007 9.30
A: cyrus-devel at lists.andrew.cmu.edu
Oggetto: Re: Cross Domain ACL: Which are the security risks? *BID for CROSSDOMAIN ACL DEVELOPMENT*

Ken Murchison wrote:
> Its been a long time since I looked into this, but I don't think there
> are any inherent security risks, as long as its coded carefully.  If
> coded improperly, I could see a security nightmare.  CMU doesn't have
> any immediate need to for this functionality, so its not on top of my
> TODO list.  I would gladly look at a patch that implemented cross
> domain ACLs as an optional (via imapd.conf) feature.
Hi Ken,

i would like to really thank you about the CMU strategial point of view
about the Cross Domain ACL.

I would like to get the opportunity to ask to everyone on the list if
there is someone interested in a paid consultancy for the development of
this feature, the development in a clean and polite way so that it can
be accepted by Cyrus Project.

Please, anyone interested and/or that know someone who can be interested
in such development activity please contact me privately to discuss
terms of agreement .

I really would like to provide financial support to this opensource
project for this feature!

Kind Regards

Fabio Pietrosanti