FTP server, authenticated user can browse entire directory

Hello,

I have configured my Laptop running OS 11.1 as an ftp server with vsftpd behind a router on my home network.

I have managed to get it working so that I have authenticated users who can connect and write using the external ip address.

The problem is that the authenticated user, rather than being allowed access only to the folder in question (/srv/ftp), can browse my entire directory structure.

When I tried this from a different computer (a Mac) from within my home network (but connecting through the external IP address) with fileZilla, using a user name I established as the authenticated ftp user (not my own uname), I could even download and write to other locations in the directory. I had another person try from outside the network, and they could browse the entire directory, but couldn’t download from it.

My question is: how can I confine an authenticated FTP user to the designated ftp directory?

Thanks in advance for any help.

Look up the chroot feature of vsftpd. This was the first hit for “vsftpd chroot”. There are other similar tutes.

VSFTP chroot or jail users – limit users to only their home directory howto

Thanks for the link. I saw the chroot option while I was following various vsftpd tutorials (including the OpenSuse one), but they didn’t give me a terribly clear idea of what to do about a “chroot jail”, except that I should know “what I am doing” (which I clearly don’t :-o).

Thanks for the lead that clears this up.

Cheers.