imap_acl: never output the 'a' flag, even if the user

has administrative access to the room in question.  This should
theoretically prevent compliant clients from performing any of
SETACL/DELETEACL/GETACL/LISTRIGHTS commands on the room, which
is good because those commands are not fully implemented yet.

diff --git a/citadel/imap_acl.c b/citadel/imap_acl.c
index b2b0447ebe368d65bf1e2271cc4be12cb67b594b..a9756ba2d6155cca9d661981e189f416516ed1b7 100644 (file)
--- a/citadel/imap_acl.c
+++ b/citadel/imap_acl.c
@@ -116,7 +116,15 @@ void imap_acl_flags(char *rights, int ra)
                /* a - administer (perform SETACL/DELETEACL/GETACL/LISTRIGHTS) */
                /* x - delete mailbox (DELETE mailbox, old mailbox name in RENAME) */
                if (ra & UA_ADMINALLOWED) {
-                       strcat(rights, "a");
+                       /*
+                        * This is the correct place to put the "a" flag.  We are leaving
+                        * it commented out for now, because it implies that we could
+                        * perform any of SETACL/DELETEACL/GETACL/LISTRIGHTS.  Since these
+                        * commands are not yet implemented, omitting the flag should
+                        * theoretically prevent compliant clients from attempting to
+                        * perform them.
+                        */
+                       /* strcat(rights, "a"); * commented out */
                        strcat(rights, "x");
                }
        }