?
Solved

vsftp problem with user escaping directory

Posted on 2005-02-28
2
Medium Priority
?
189 Views
Last Modified: 2013-12-16
Hi there.

I've setup a user on a slackware box with VS FTP running on it.

This user has his regular home directory but in that home directory is a symbolic link that takes a user to /var/www/html/test/testdir
(I know it's not terribly secure but i cant avoid it for now)

The problem being that this user can "cd .." and get to /var/www/html/test . "cd .." again and he gets to /var/www/html.

This is somewhat worrying.

How can I prevent a user escaping his root directory structure and going above it?

ta

Daryn
0
Comment
Question by:daryn
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 7

Accepted Solution

by:
surya_prabhakar earned 680 total points
ID: 13421804
open /etc/vsftpd/vsftpd.conf

and add a line into that

chroot_local_user=YES

and restart vsftpd .

chroot_local_user
              If  set to YES, local users will be placed in a chroot() jail in
              their home directory after  login. Changing to symobolic links
              will fail .


surya.
0
 

Author Comment

by:daryn
ID: 13451424
thankin y'kindly, sir.
0

Featured Post

Free Tool: SSL Checker

Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

How many times have you wanted to quickly do the same thing to a list but found yourself typing it again and again? I first figured out a small time saver with the up arrow to recall the last command but that can only get you so far if you have a bi…
Using 'screen' for session sharing, The Simple Edition Step 1: user starts session with command: screen Step 2: other user (logged in with same user account) connects with command: screen -x Done. Both users are connected to the same CLI sessio…
Learn several ways to interact with files and get file information from the bash shell. ls lists the contents of a directory: Using the -a flag displays hidden files: Using the -l flag formats the output in a long list: The file command gives us mor…
How to Install VMware Tools in Red Hat Enterprise Linux 6.4 (RHEL 6.4) Step-by-Step Tutorial
Suggested Courses
Course of the Month9 days, 11 hours left to enroll

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question