[plug] debian etch + vsftpd does not chroot jail users
wolfbite_aus at yahoo.com
Tue Apr 29 17:14:35 WST 2008
Had a devil time with setting up vsftpd.
all the examples never worked out the same.
read about a plugin for webmin for vsftpd
installed webmin & plugin
setup via the plugin and worked a treat :)
then disable webmin (only use it if I need the odd configs to workout)
vsftpd working a treat
give it a go and see if the output config is diff to you
Denis Brown <dsbrown at cyllene.uwa.edu.au> wrote: Dear PLUG list members,
Despite best efforts I cannot get users to be confined to their chroot
jails. Debian etch and vsftpd installed using aptitude. Vsftpd version
Have scoured the web for info on this and I understand the manner in which
vsftpd's config file *should* jail users, but it does not :-( Snippets
User "badboy" appears in /etc/vsftpd.chroot_list
User "badboy" has entry in /etc/passwd like so...
The use of a trailing /./ for the home directory specification was
mentioned in one of the web articles but it apparently makes no difference.
Using pscp.exe on a windows box I can sftp to the host, authenticate as
badboy and happily issue cd .. commands and traverse the directory tree
:-( At each level I can do an ls and see contents. It was my
understanding that this should not be possible.
There are no errata or bugs filed against vsftpd that I can see and the
only mentions that it has on the web generally have been from people who
messed up the configuration by misinterpreting the config file
directives. Maybe I've joined that elite too?
PLUG discussion list: plug at plug.org.au
Committee e-mail: committee at plug.linux.org.au
Be a better friend, newshound, and know-it-all with Yahoo! Mobile. Try it now.
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the plug