FTP Users can go above their user name into the Home Directory
Forum
Toggle Submenu
  1. Forums
  2. Recent
  3. Tags
Add a reply View Replies (1)
  1. Forums
  2. CloudLinux and Control Panels
  3. CloudLinux and cPanel

Resolved FTP Users can go above their user name into the Home Directory

  1. Mitch
    Mitch
  2. 18.05.2019
  3.  Subscribe via email
I had to redo the server and install everything over. I installed all accounts and when a user is ftp in they can go above their account name into directories above it
/
...
bin
dev
etc
home
lib
lib64
opt
proc
sbin
tmp
usr
var
/home
---useraccountname
------.cagefs
.cl.selector
.cphorde
.htpasswds
access-logs
etc
logs
mail
public_ftp
public_html
ssl
tmp
www

How do I stop them from getting above second Home so all they can see is is
/home/useraccountname


thanks
Mitch
Rate this post:
0
Responses (1)
  1. 21.05.2019 13:05:21
  2. # 1
Dmitriy Serafin Accepted Answer
Dmitriy Serafin
Posts: 14
Joined: 03.04.2019
0
Votes
Undo
Hello Mitch,

By default, FTP users can indeed list the root directory. They won't have permissions to see other users or upload something there, but the directory listing would be available.
This mostly depends on the FTP service that you use and its configuration, whether it allows listing files outside of the user's home folder. For example, here's how you could achieve that with the vsftpd service:
https://superuser.com/a/370955

Note that our CageFS component keeps users inside their own virtualized "cage". Thus, it won't make any harm to the system if the user can list the files from the virtualized root directory.

If you have any additional questions about the way CageFS works, you may contact our Support team directly on https://cloudlinux.zendesk.com/agent/, we're glad to help!
  • Page :
  • 1


There are no replies made for this post yet.
Be one of the first to reply to this post!
Guest
Submit Your Response
Upload files or images for this discussion by clicking on the upload button below. Supports gif,jpg,png,zip,rar,pdf
• Insert • Remove Upload Files (Maximum File Size: 2 MB)
Cite your Sources with a URL link to help readers verify facts or find more details.
Add Another Link
Captcha
To protect the site from bots and unauthorized scripts, we require that you enter the captcha codes below before posting your question.

General
General
  1. 529 posts
  2. 2 subcategories
CloudLinux and Control Panels
CloudLinux and Control Panels
  1. 1104 posts
  2. 5 subcategories
KernelCare
KernelCare
  1. 66 posts
  2. 1 subcategory
Imunify360
Imunify360
  1. 198 posts
  2. 1 subcategory

Stay in touch

CloudLinux Facebook Facebook 9K+ followers CloudLinux Twitter Twitter 10K+ followers CloudLinux YouTube Channel YouTube official channel CloudLinux on LinkedIn LinkedIn Follow us

Products
Success Stories
Partners
Support
About Us
privacy shield certified
aicpa soc
pci-dss
eu gdpr compliant

© All rights reserved. CloudLinux Inc.
Terms of Use | Privacy Policy | Vulnerability Reporting | Code of Ethics | Legal 

Call Sales at +1 (800) 231-7307

Email [email protected]