Hello,
Firstly, we'll be moving to dovecot as default for our next project.. so the old imap folder may eventually be obsolete... but that's just for new systems, old ones don't have to convert.
As for suid.. what you can do, is create a very simple program.c file.. which will be a wrapper to upgrade the plugins privileges to root. Note that a script can't be +s because the shebang line is the program run, not the script, so you lose the sticky effectivenes.. you need a self running binary.
My recommendation would be a simple program.c.. with the sticky bit. It will be a wrapper which would then go about doing other tasks as root however you'd like.
To do this, you have to get your code to first run "seteuid(0)" and "setegid(0)" to set the effective uid/gid to root. Then, follow with "setuid(0)", "setgid(0)".. and you'd be totally root (assuming my memory serves me correctly). From there, you can call out to any php scripts you'd like, and they'd have root access.
The only catch with this... is the security concern. You have to be very very careful and extremely thorough with your input parseing/filter becaue anyone can run that suid script to get root.. it would be up to you to make sure it plays safely.
A more sane approache would be to add a root cronjob to run every minute. It would check for files created by the user, similar to our task.queue system for DA. They'd write it to somewhere like /home/username/sa-learn.queue. The root cron will check everyones directory for that file... it would contain the things it needs to do, then go about doing it. Again, be thorough in your parsing, but this approach is much more secure because users never actually run a root +s program, the program reads from them.
John
.