RFC patch: Deny removal of folder owner ACLs
Bron Gondwana
brong at fastmail.fm
Thu Jan 20 06:08:53 EST 2011
On Thu, Dec 30, 2010 at 10:45:18AM +0100, Guilherme Maciel Ferreira wrote:
Gosh - sorry nobody responded to this!
> We were having problems with some users who deleted all ACL rights
> from a folder, rendering the mailbox inaccessible.
>
> There's already a feature in cyrus that the folder owner can't
> delete his own administration rights (implicit acls).
>
> This left one hole in the protection which is still cumbersome to the users:
> If user A has admin rights over user B's mailbox, user A can remove the admin
> rights from user B, either by DELETEACL B, or by SETACL B with more
> restrictive access rights.
That sounds like a bug in implicit acls to me. They should be
implicit no matter what!
> So we changed the imap server to avoid such kind of behavior. The patch was
> developed for version 2.3.16. It is possible to roll back to the default
> behavior through the imapd.conf variable "owneralwaysadmin=no".
I think it would be reasonable to just tie it to implicit acls rather
than creating another switch. That sound good to you?
I like the idea - and it would be great if you did a patch again git
master at http://git.cyrusimap.org/ - follow the links. Or if you use
git you can just fork it and ask us to pull your branch! That way you
get full credit :)
Bron.
More information about the Cyrus-devel
mailing list