Problem solve Get help with specific problems with your technologies, process and projects.

Chrooting and user privileges with Fedora Core 1.0

Security expert James Turnbull recommends examining chroot functionality to prevent users from taking advantage of the "back" button.

I am using Fedora Core 1.0 on my Web server and have installed VSFTPD on it. If I create an account and give it a home directory, (i.e. /var/www/test) and try to access FTP with this account, it goes into the directory /var/www/test. However, if after logging into FTP I press the "back" button, it takes me to /var/www folder where the user can see all of the data. How do I restrict the user to access their home directories only?

In order to lock a user into their home directory you need to look atvsftpd's chroot functionality. You need to edit the /etc/vsftpd/vsftpd.conf configuration file and change the hroot_list_enable option to "Yes." You then specify a file called /etc/vsftpd.chroot and add all the users you wish to chroot to this file. Or, if you wish, add all users to be chroot'ed then you can set the chroot_local_user option to "Yes." Chrooting an FTP server can be complicated and have some serious security implications. I recommend you read the vsftpd.conf man page carefully.

Dig Deeper on Linux servers

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever's puzzling you.

You will be able to add details on the next page.

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.