Hi A user having administrative right on another mailbox can remove all rights (including implicite ones) to the owner's mailbox. I don't things is an expected feature! Right ? A buggy(*) test try to prevent to owner to remove its own right but don't apply for other non admin user ! *buggy because the test compare the userid with the mailbox name, and both use different syntax regarding the use of "." and "^" This work for "mailbox@xxxxxxxxxxx" == "mailbox@xxxxxxxxxxx" but dont work for "foo.bar@xxxxxxxxxxx" == "foo^bar@xxxxxxxxxxx" Also the test compare the userid (aka the login of the user) with the owner of the mailbox to "activate" the implicit ACL instead of comparing the identifier (in the setacl command) and the owner ! user3 is to remove "a" right of user2 on mailbox of user1, because user2!=user1 But should not be able to remove "a" right of user1 on user1's mailbox because user1==user1. I was on the way of correcting the foo.bar@xxxxxxxxxxx" == "foo^bar@xxxxxxxxxxx" test but found the mismatch between userid and identifier and wouldlike to be sure this is a bug and not a feature. Regards. -- Alain Spineux aspineux gmail com May the sources be with you ---- Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
