Deprecate the old automatic seteuid feature; document this in the manpage and

changelog, and let archivemail spit a warning when it changes the effective user
id.

CHANGELOG

@@ -17,6 +17,8 @@ Version 0.7.1   - UNRELEASED
     Closes: #981865, #988803, #1764851, Debian bug #434798
   * If running as root, only switch the effective uid and gid back if we have
     actually switched them before. Closes: #1762907
+  * The automatic seteuid feature of archivemail is insecure and thus
+    deprecated; it will be removed from later versions. 
 
 Version 0.7.0   - 2 November 2006
   * Fixed long options --filter-append and --pwfile to accept their arguments.

archivemail.py

@@ -1132,6 +1132,8 @@ def archive(mailbox_name):
         os.setegid(mailbox_group)
         vprint("changing effective user id to: %d" % mailbox_user)
         os.seteuid(mailbox_user)
+        user_warning("changing effective user id: this automatic feature "
+            "is deprecated and will be removed from later versions.")
 
     old_temp_dir = tempfile.tempdir
     try:

archivemail.sgml

@@ -100,6 +100,12 @@ See below for more <application/IMAP/ peculiarities.
 <Command/archivemail/ has some support for being run as the root user on
 user mailboxes. When running as root, it will &seteuid; to the owner of the
 mailbox it is reading, creating any archive files as that user. 
+<emphasis>Warning:</emphasis>
+<!-- I would like to have a <warning> here, but the dsssl stylesheet thinks a
+    warning need be decorated with a graphic.  *sigh*  I won't start hacking
+    dsssl because of this. -->
+    this automatic seteuid feature is insecure and deprecated. 
+    It will be removed from later versions of <command/archivemail/.
 </Para>
 </RefSect1>