From: Ken Murchison (no email)
Date: Tue Aug 03 2004 - 08:44:19 EDT
Rob Mueller wrote:
>
>> You can't. There isn't any support for cross-domain ACLs. The biggest
>> impediment to adding this is how to handle 'anyone' and 'anonymous'.
>> Are these pseudo users inter-domain or intra-domain only?
>
>
> As a suggestion, you could use "anyone/anonymous" for inter-domains, and
> "anyone at xxx/anonymous at xxx" for intra-domains, which seems reasonably
> logical to me,
This is what originally occurred to me, but consider the case of a
single domain server which then upgrades to virtdomains. Any mailbox
which uses anyone/anonymous in an ACL is now open to anyone/anonymous in
ANY domain on the server. I don't think we can assume that this is what
the admin intended.
Of course, if the admin sets the defaultdomain to coincide with the
original single domain, then anyone/anonymous becomes
anyone at defaultdomain/anonymous at defaultdomain, which follows your logic.
I'll have to think about this some more, because I think I'm
forgetting another issue with inter-domains ACLs.
-- Kenneth Murchison Oceana Matrix Ltd. Software Engineer 21 Princeton Place 716-662-8973 x26 Orchard Park, NY 14127 --PGP Public Key-- http://www.oceana.com/~ken/ksm.pgp --- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
|
|
|