Resolved FTP users have access to root directory on server

[Raymond_Davelaar]

OS ‪Ubuntu 14.04.5 LTS‬
Plesk Onyx Versie 17.0.17 Update #4, laatste update op 2016-10-25 13:23

FTP users have access to root directory on server. How to resolve

 

[VNick]

@Raymond_Davelaar, are you sure you're not mistaking server root for root of a chrooted shell? You may check /etc/passwd. How many entries (lines) does it have (please don't paste it here in full)?

 

[Raymond_Davelaar]

@Raymond_Davelaar, are you sure you're not mistaking server root for root of a chrooted shell? You may check /etc/passwd. How many entries (lines) does it have (please don't paste it here in full)?

it has 75 lines in it.
Nope, client login can see folders : bin, boot, clients, ...............,tmp, usr, var

 

[nebuzzer]

which ftp server? proftpd? maybe you use sftp? are the users in /etc/passwd set to /bin/false?

/etc/proftpd/proftpd.conf
DocumentRoot set?

 

[Raymond_Davelaar]

the users who are able to see root are granted bin/sh access under FTP settings. They cannot modify files but can read it and download it. Is there a saver way to grant them ssh access?

 

[Igor Losev]

@Raymond_Davelaar, this dirs were added to your webspace after "Web Hosting Access" -> "Access to the server over SSH" was selected as "/bin/bash (chrooted)". They are hardlinks from /var/www/vhosts/chroot/ and no copies or links from your filesystem root (/). You could select another access type at Web Hosting Access to remove this dirs.