I was thinking that cyrus changed to user to do this work - ala procmail. Just in case, my home directory was set to 777 and the perms on /home/craig/.sieve were 644 - perhaps that needed to have write or execute permission to all users. Wouldn't seem to need that though.
Actually it was the sendmail that changed to user's ID before invoking procmail. Sendmail can do that, since it is running as root. Cyrus is not running as root, so it can't change its user ID.
The permissions look way to permissive to me. I believe minimalistic persmissions that should work (once you figure out how to put all other parts together) are 711 for you home dir (allows others to access the files inside directory if individual file's permissions permit that, but not to list content of directory), and 644 for .sieve (and any related files) to allow Cyrus to actually read it.
Sorry for not being of more help.
-- Aleksandar Milivojevic <amilivojevic@xxxxxx> Pollard Banknote Limited Systems Administrator 1499 Buffalo Place Tel: (204) 474-2323 ext 276 Winnipeg, MB R3T 1L7
