vsftp problem with user escaping directory
Posted on 2005-02-28
I've setup a user on a slackware box with VS FTP running on it.
This user has his regular home directory but in that home directory is a symbolic link that takes a user to /var/www/html/test/testdir
(I know it's not terribly secure but i cant avoid it for now)
The problem being that this user can "cd .." and get to /var/www/html/test . "cd .." again and he gets to /var/www/html.
This is somewhat worrying.
How can I prevent a user escaping his root directory structure and going above it?