People call "vsftpd" the very secure FTP daemon. There is one default setting which renders the daemon insecure. When a user logs in, he can leave his home directory and go up to other directories. There should be some locking mechanism to ban this. Googling around tells me that adding the following line to /etc/vsftpd/vsftpd.conf can overcome the problem:
chroot_local_user=YES
This way, ftp users are locked in a jail.
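A configuration check for this setting, as an added example that is not part of the original post. It goes a little beyond the text by also reading chroot_list_enable and allow_writeable_chroot, two real vsftpd options that change what chroot_local_user=YES means in practice. The function names and sample configurations are constructed for illustration.

```python
# Added example: audit the vsftpd options that decide whether local users are jailed.
BOOL_DEFAULTS = {  # defaults as documented in the vsftpd.conf man page
    "local_enable": False,
    "chroot_local_user": False,
    "chroot_list_enable": False,
    "allow_writeable_chroot": False,
}

def parse_conf(text):
    """Read 'option=value' lines; vsftpd allows no spaces around '='."""
    opts = dict(BOOL_DEFAULTS)
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#") or "=" not in line:
            continue
        key, value = line.split("=", 1)
        if key in BOOL_DEFAULTS:
            opts[key] = value.upper() in ("YES", "TRUE", "1")
    return opts

def audit(text):
    """Return a list of findings about the chroot jail for local users."""
    o = parse_conf(text)
    if not o["local_enable"]:
        return []  # local logins are off, so there is nobody to jail
    jail_all, use_list = o["chroot_local_user"], o["chroot_list_enable"]
    findings = []
    if not jail_all and not use_list:
        findings.append("local users are not chrooted; set chroot_local_user=YES")
    elif not jail_all:
        findings.append("only users named in chroot_list_file are chrooted")
    elif use_list:
        # With chroot_local_user=YES the list inverts: listed users are NOT jailed.
        findings.append("users named in chroot_list_file are exempt from the chroot")
    if (jail_all or use_list) and o["allow_writeable_chroot"]:
        findings.append("allow_writeable_chroot=YES permits a user-writable jail root")
    return findings

# Constructed sample configurations, not taken from a real host.
DEFAULT_LIKE = "local_enable=YES\nwrite_enable=YES\n"
JAILED = "local_enable=YES\nchroot_local_user=YES\n"
INVERTED = JAILED + "chroot_list_enable=YES\nchroot_list_file=/etc/vsftpd/chroot_list\n"

if __name__ == "__main__":
    for name, conf in (("default-like", DEFAULT_LIKE), ("jailed", JAILED), ("inverted", INVERTED)):
        print(name, audit(conf) or "ok")
```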