<div>
<div class="content wysiwyg-content">
Hi there.<br />
<br />
I've setup a user on a slackware box with VS FTP running on it.<br />
<br />
This user has his regular home directory but in that home directory is a symbolic link that takes a user to /var/www/html/test/testdir<wbr /> <br />
(I know it's not terribly secure but i cant avoid it for now) <br />
<br />
The problem being that this user can &quot;cd ..&quot; and get to /var/www/html/test . &quot;cd ..&quot; again and he gets to /var/www/html.<br />
<br />
This is somewhat worrying.<br />
<br />
How can I prevent a user escaping his root directory structure and going above it?<br />
<br />
ta<br />
<br />
Daryn
</div>
</div>


Hi there.

I've setup a user on a slackware box with VS FTP running on it.

This user has his regular home directory but in that home directory is a symbolic link that takes a user to /var/www/html/test/testdir 
(I know it's not terribly secure but i cant avoid it for now) 

The problem being that this user can "cd .." and get to /var/www/html/test . "cd .." again and he gets to /var/www/html.

This is somewhat worrying.

How can I prevent a user escaping his root directory structure and going above it?

ta

Daryn

vsftp problem with user escaping directory

Linux is a UNIX-like open source operating system with hundreds of distinct distributions, including: Fedora, openSUSE, Ubuntu, Debian, Slackware, Gentoo, CentOS, and Arch Linux. Linux is generally associated with web and database servers, but has become popular in many niche industries and applications.