Re: Bug#92981: uw-imapd-ssl: can't use maildir format with uw-imap (fwd)
[I'm forwarding this message from debian-devel as it didn't get answered
there. Any input is most welcome! Please Cc me on replies as I'm not
subscribd to debian-policy.]
> > > Is it a problem that the spool files are not "rw" for the group? Postfix
> > > delivers that way.
> > >
> > Then postfix is violating Debian policy. See
> > http://www.debian.org/doc/debian-policy/ch12.html#s12.6 .
> > Actually the specific statement there is kind of ambiguous.
> > "Mailboxes are generally 660 user.mail unless the user has chosen
> > ^^^^^^^^^^^^^^^^^^^^^^^^^^
> > otherwise."
> > ^^^^^^^^^^
> > Does that mean I have to support any kind of configuration a user could
> > possibly come up with?
> > i would like to know why policy even suggests mailspools have 660
> > user.mail permissions, postfix being a sane mailer sets permissions to
> > 600 user.mail. making mailspools writable by group mail does nothing
> > but make a gid=mail exploit disasterous where it would ordinarily be
> > rather boring. (especially if you change /var/mail permissions to
> > 3775)
So the issues are:
1. What is the rationale for the policy mail spools must be 0660 $USER:mail?
2. Is that the only supported configuration?
3. If not, what kinds of configurations does a package have to support?
Jaldhar H. Vyas <firstname.lastname@example.org>