Issue Webspace user able to acces directories outside webspace

[Craetive]

Hi all,

I notice that the users I create under a webspace have (read)access to folders outside the webspace. This is not only for SSH, but also my web applications have access to folders outside of the webspace. I thought this was already taken care of by default when creating a user for a webspace, but apparently not. The FTP users however do only have access to the webspace.

For example, if I create the domain example.com with the user test, I want the application only to have access to /var/www/vhosts/example.com. if I SSH with the test user I will start inside the /var/www/vhosts/example.com directory, but when I use cd / I see the full root content of my server. This is clearly not desirable.

Is this fixable?

Thank you in advance!

- Plesk Web Admin Edition
- Plesk Obsidian 18.0.28 Update #2
- CentOS Linux 7.8.2003
- SELinux enabled

 

[Bitpalast]

Could it be possible that you have not selected the chrooted-option for SSH access, but another option like bash?

 

[Craetive]

Could it be possible that you have not selected the chrooted-option for SSH access, but another option like bash?

I had indeed selected the normal bash option instead of the chrooted one. I just changed it and that fixes the problem. Thanks for the suggestion!

Now that I have enabled this option I notice that a lot of extra folders are being created inside the webspace. Is there a way to hide these folders?

 

[Bitpalast]

These are the necessary folders für shell access. Why do you want to hide them from a user who has full access to the web space?