"negative rights" ACLs - working in cyrus-imapd 2.2.12 (FC4)?
Phil Pennock
info-cyrus-spodhuis at spodhuis.org
Fri Jun 30 07:13:05 EDT 2006
On 2006-06-30 at 11:07 +0100, Will Partain wrote:
> Folks, I tried to use "negative rights" to do "everybody-but-X"
> permissions on a mailbox. It _looks like_ my "sam" didn't do
> anything:
> > sam list.foo charlie -rwsip
> Is something burst, or did I do something wrong? Thanks,
You want: sam list.foo -charlie rwsip
-rwsip removes those permissions from the stored list, so that nothing
is said about them, neither good "grant rights" nor bad "remove rights".
-identifier creates an entry for removing the rights.
IMAP4 ACLs are currently defined in RFC 4314, "IMAP4 Access Control List
(ACL) Extension"; that obsoletes RFC 2086, which is the version which
Cyrus supports (TTBOMK).
RFC 4314 section 2 contains a lengthier and clearer explanation of how
access rights work and combine than the old text in RFC 2086 section 3,
but either cover this topic. I recommend trying 4314 for the
explanations, but be aware that the flag explanations later don't quite
match Cyrus.
--
"Everything has three factors: politics, money, and the right way to do it.
In that order." -- Gary Donahue
More information about the Info-cyrus
mailing list