Chrooting and user privileges with Fedora Core 1.0

I am using Fedora Core 1.0 on my Web server and have installed VSFTPD on it. If I create an account and give it a home directory, (i.e. /var/www/test) and try to access FTP with this account, it goes into the directory /var/www/test. However, if after logging into FTP I press the "back" button, it takes me to /var/www folder where the user can see all of the data. How do I restrict the user to access their home directories only?

    Requires Free Membership to View

In order to lock a user into their home directory you need to look atvsftpd's chroot functionality. You need to edit the /etc/vsftpd/vsftpd.conf configuration file and change the hroot_list_enable option to "Yes." You then specify a file called /etc/vsftpd.chroot and add all the users you wish to chroot to this file. Or, if you wish, add all users to be chroot'ed then you can set the chroot_local_user option to "Yes." Chrooting an FTP server can be complicated and have some serious security implications. I recommend you read the vsftpd.conf man page carefully.

This was first published in March 2006

Join the conversationComment

Share
Comments

    Results

    Contribute to the conversation

    All fields are required. Comments will appear at the bottom of the article.