Gentoo Forums
Gentoo Forums
Gentoo Forums
Quick Search: in
[solved] vsftpd user directory
View unanswered posts
View posts from last 24 hours

 
Reply to topic    Gentoo Forums Forum Index Networking & Security
View previous topic :: View next topic  
Author Message
mistake25
Tux's lil' helper
Tux's lil' helper


Joined: 20 May 2008
Posts: 144

PostPosted: Wed Mar 17, 2010 9:50 pm    Post subject: [solved] vsftpd user directory Reply with quote

hi,
i have configured my vsftpd server, to accept just local users(means users in /etc/passwd), no virtual users and no anonymous, i have set default directory to /var/ftp, where is every local user send after successful login, but every user is still possible to list upper(lower) directories (means they are possible to do "cd .." and get to /var or even to every another directory), is there way how can i force, to every user that login on ftp server, have just permisions to access directory /var/ftp and files/directories in it(means can access all directories/files in /var/ftp, but nothing else).

thanks


Last edited by mistake25 on Fri Mar 19, 2010 7:38 pm; edited 1 time in total
Back to top
View user's profile Send private message
Rexilion
Veteran
Veteran


Joined: 17 Mar 2009
Posts: 1044

PostPosted: Thu Mar 18, 2010 6:35 am    Post subject: Reply with quote

Yeah, that is called 'chrooting' but you have to be careful with that since it can give a false sense of security. But it's definitly what you are looking for.
Back to top
View user's profile Send private message
mistake25
Tux's lil' helper
Tux's lil' helper


Joined: 20 May 2008
Posts: 144

PostPosted: Thu Mar 18, 2010 2:13 pm    Post subject: Reply with quote

yes this is what i was looking for, thanks, but how security vulnerabilities are there? or why it is unsecure using it?
Back to top
View user's profile Send private message
Rexilion
Veteran
Veteran


Joined: 17 Mar 2009
Posts: 1044

PostPosted: Thu Mar 18, 2010 3:03 pm    Post subject: Reply with quote

Well, in whatever context I encountered the technique is that people are rather skeptic to it. It's always safe to consider it as imperfect. Whenever *something* *somewhere* is wrong, you can break out (that is what I get from it). As long as you are not doing anything too fancy, it should work without a hitch.
Back to top
View user's profile Send private message
mistake25
Tux's lil' helper
Tux's lil' helper


Joined: 20 May 2008
Posts: 144

PostPosted: Fri Mar 19, 2010 7:41 pm    Post subject: Reply with quote

ok, this ftp server will be accessable just to a few people that i can trust, so if they will just upload / download files, they can't access lower directories, thanks for help
Back to top
View user's profile Send private message
Display posts from previous:   
Reply to topic    Gentoo Forums Forum Index Networking & Security All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum