How to prevent User manipulation on shared folder depending the rights of a Outlook 2003 folder etc.

Bernhard Reiter bernhard at intevation.de
Wed Aug 1 16:31:12 CEST 2007 

On Sunday 17 June 2007 13:41, ComCept Net GmbH Andrea Soliva wrote:
> Now following problem..... If a User "A" with Outlook 2003 and Toltec is
> sharing a folder let's say with read/write (full rights) to another user
> "B" (also Outlook 2003 and Toltec) this user "B" is able to manipulte this
> rights again and to delete the received shared folder from user "A".
>
> Now my question:
>
> - Because the user "B" must view, create and modify the entries of the
> shared folder from User "A" what kind of rights the shared folder must have
> that user "B" is not anymore able to manipulte the rights and to delete the
> folder.

All but "admin" rights.
There have been a few reports that user could manipulate folders where they 
should not been able to, but we could not reproduce this in any case
and it sometimes might look like something has happened.
So we do not know it is happening for sure and would love
to get a reproducable case on kolab-devel at .
For this you should monitor the rights on the imap server and prove
from the logs that user B could change the rights without having the
admin permission.

> We are using Toltec 2.1.0 and Kolab 2.1
>
> - Would be the better solution to use shared folder function from Kolab
> itself (create one from WebInterface)?

No, it works exactely the same.

> - Do we have any problems if we would create one from WebInterface and the
> stuff in this folder would be Outlook 2003 Contacts?

Maybe. 
You might need to set a folder-type and permissions manually, depending
on the version of Kolab Server you are using.

Bernhard

-- 
Managing Director - Owner: www.intevation.net       (Free Software Company)
Germany Coordinator: fsfeurope.org. Coordinator: www.Kolab-Konsortium.com.
Intevation GmbH, Osnabrück, DE; Amtsgericht Osnabrück, HRB 18998
Geschäftsführer Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
URL: <http://lists.kolab.org/pipermail/users/attachments/20070801/79d57548/attachment.sig>

More information about the users mailing list