VSFTP Keep ftp users from leaving there home directory

Posted on 2005-04-28
Last Modified: 2009-03-20
Right now I have a vsftp server runnig on a SUSE 9 enterprise machine.  I made a user that is assigned to a group that has no permissions.  Right now when that user logs in via ftp they are placed inside of there home directory.  Which is fine, but  when the do the following

> cd ..

They are able to leave that directory and see the directories above them in the tree structure.  Though they are unable to write to them I still see this as  a bit of a problem.

How can I restrict them to there home directories but still allow them to create folders and write files in side of that jome directory.
Question by:wiedmanb
    LVL 8

    Accepted Solution

    Use /etc/vsftpd/vsftpd.conf and change the line to

    Default follows to file /etc/vsftpd.chroot_list
    Add to this file the list of the users you want to be chrooted.

    Or, alternativelly, use the option
    If set to YES, local users will be (by default) placed in a chroot jail in their home directory  after login.
    LVL 18

    Expert Comment

    A good resource for setting up vsftpd:

    I would add that If you want to enable users to have access to any files or binaries while in a chrooted environment they have to be duplicated in the chroot jail.

    Also of note, both vi and the ftp client can enable a user shell access that will bypass most chroot environments.

    Hope this helps.

    Write Comment

    Please enter a first name

    Please enter a last name

    We will never share this with anyone.

    Featured Post

    How to run any project with ease

    Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
    - Combine task lists, docs, spreadsheets, and chat in one
    - View and edit from mobile/offline
    - Cut down on emails

    ​Being a Managed Services Provider (MSP) has presented you  with challenges in the past— and by meeting those challenges you’ve reaped the rewards of success.  In 2014, challenges and rewards remain; but as the Internet and business environment evol…
    Hello EE, Today we will learn how to send all your network traffic through Tor which is useful to get around censorship and being tracked all together to a certain degree. This article assumes you will be using Linux, have a minimal knowledge of …
    Need more eyes on your posted question? Go ahead and follow the quick steps in this video to learn how to Request Attention to your question. *Log into your Experts Exchange account *Find the question you want to Request Attention for *Go to the e…
    In this sixth video of the Xpdf series, we discuss and demonstrate the PDFtoPNG utility, which converts a multi-page PDF file to separate color, grayscale, or monochrome PNG files, creating one PNG file for each page in the PDF. It does this via a c…

    759 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    11 Experts available now in Live!

    Get 1:1 Help Now