Submitted by impire on Thu, 11/24/2011 - 04:37
Hello,
I created a virtual server. Then created an FTP user. Gave this user default access to public_html access. I used FileZilla to access. Here's the problem:
The user landed on the public_html as configured. However, this user seems to be able to access all the other directories... all the way to root level. When the user tried to download the content, the error message came back as "not retrieved". However, there are some directories that the user can actually download the entire content.
This is just a normal user I created. It does not have any root or admin privilege. I do not want the user to see any other directories than the one intended. What do you think is the problem?
Thanks in advance for your help.
Status:
Closed (fixed)
Comments
Submitted by andreychek on Thu, 11/24/2011 - 08:56 Comment #1
Howdy -- yup, that's normal default behavior on a Linux system. If a file or directory is marked as "world readable", any user can see and access it.
FTP provides a means to lock users into a directory though -- you can do that by going into Limits and Validation -> FTP Directory Restrictions.
There's more details on all that here:
https://virtualmin.com/documentation/security/faq
Submitted by impire on Fri, 11/25/2011 - 09:34 Comment #2
Thank you very much!
Submitted by impire on Fri, 11/25/2011 - 09:35 Comment #3