Thanks for the lists archive link, I will get to work on this patch.
I am trying to add aerc to home-manager. When home-manager generates the aerc config, it places a read-only symlink pointing to a world-readable
accounts.conffile in the nix store. However, with this method, I cannot run aerc as it returns with an error and the following message:
The file /home/xxx/.config/aerc/accounts.conf has too open permissions. This is a security issue (it contains passwords). To fix it, run `chmod 600 /home/xxx/.config/aerc/accounts.conf` Failed to load config: account.conf permissions too lax
I cannot simply chmod it to the required permissions since the filesystem containing the
accounts.conffile is read-only. I can also guarantee that there are no secrets in the generated
accounts.conffile, since home-manager only adds a
outgoing-cred-cmdto the file.
What is the best way forward? In cases like this where the user can guarantee that there are no secrets in
accounts.conf, the security error shouldn't block the user from running
aerc. Instead, if it was a warning (and especially one that can be disabled somehow), that would be useful for users on other platforms.
Would you be able to clarify why you've chosen to not have JMAP support? I'm just curious, since it seems like a beneficial feature.
I can work on this soon if it's still relevant.