Jorey Bump wrote: > Ken Murchison wrote, at 10/07/2007 07:51 PM: >> Jorey Bump wrote: > >>> Delete ACLs: >>> localhost> dam user.bob bob read >>> >>> Now bob can't read his INBOX, and will get a message like the >>> following when he tries (this is from Thunderbird): >> >> This won't work since Cyrus implicitly gives user's at least 'lca' >> rights on their own mailboxes, regardless of the explicitly granted ACL. > > Interesting. I tested this only with Thunderbird, and it seemed to be > effective enough (I didn't test delivery, however). Is the average user > able to restore the necessary ACLs, or does it require special knowledge > or client features? Very few clients allow manipulation of ACLs, and my guess is that most users would end up screwing themselves. > Also, what is the 'c' ACL? It's not listed on the man page (for my > version). The old CREATE/DELETE right, which is now a macro for 'kx' -- Kenneth Murchison Systems Programmer Project Cyrus Developer/Maintainer Carnegie Mellon University ---- Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
