SETACL on user mailbox

Rob Mueller robm at fastmail.fm
Mon Sep 30 01:26:59 EDT 2002 

I know I have mentioned this one before, but I've come up with another idea.

Basically the problem is that the 'a' right specifies whether you can change
the ACL on mailbox. This can be a one way trapdoor though, if you give a
user 'a' access on a mailbox, and they accidentally remove it, they can't
get it back. That case is specifically checked in the cyrus code for the
users mailboxes, and they can always change the ACL.

On the other hand, it's now a trap door the other way. If you want to remove
the 'a' right for a user, you can't actually do so, because they can always
add it back themselves.

Depending on your perspective, either of these options is annoying.

Now I argued that the current behaviour was actually against the RFC's
description of what the 'a' right meant, mostly because this is the
behaviour we want to see :). Others argued that because at CMU there's lots
of shared folders that users want to alter, they would leave it as it is.

Since the actual meaning then of what people want seems to be site
dependent, why not create a configuration option for it? Something like
below perhaps?

Rob

*** imap/mboxlist.c     Mon Sep 30 00:09:58 2002
--- imap/mboxlist.bak   Mon Sep 30 00:02:59 2002
***************
*** 1364,1370 ****
      }

!     /* 2. Check Rights - users can change ACL by default unless config
says so */
!     if (!r && !isadmin && !(isusermbox &&
config_getswitch("strictuseracl", 1)) ) {
        access = cyrus_acl_myrights(auth_state, acl);
        if (!(access & ACL_ADMIN)) {
            r = (access & ACL_LOOKUP) ?
--- 1364,1370 ----
      }

!     /* 2. Check Rights */
!     if (!r && !isadmin && !isusermbox) {
        access = cyrus_acl_myrights(auth_state, acl);
        if (!(access & ACL_ADMIN)) {
            r = (access & ACL_LOOKUP) ?

More information about the Info-cyrus mailing list