How Do I Limit Directory Browsing?


I have wu-ftpd setup on my box.  I have created a handful of FTP users.  For better or worse, each user is a member of the same "FTP" group.  When each respective user logs in, they chroot to their home ftp directory.  I noticed that one user can change into another user's directory and other "sensitive" areas of the filesystem.  How do I restrict each user from having this ability.  I want them to be restricted to their respective home FTP directories.  
Who is Participating?

[Webinar] Streamline your web hosting managementRegister Today

bernardhConnect With a Mentor Commented:
Edit your /etc/ftpaccess file and add:

     guestgroup ftp

Edit your /etc/shells file and add the dummy shell:


Finally edit your /etc/passwd file and modify the login name of the user:

guest1 will be able to access only his home directory /home/guest1 and /home/guest1/incoming. The home directory field of the passwd entry is divided into  two  directories.   The first field  is  the  root directory which will be the argument to the chroot(2) call.  The second  half  is  the  user's  home directory  relative  to  the root directory.  The two halves are separated by a "/./"
Just take away permissions of reading and execution for the "others" group in your critical directories. Like:

 cd /home/ftp

 chmod o-rx bin
 chmod o-rx lib
All Courses

From novice to tech pro — start learning today.