I was questioned by my client, who had become very concerned after his own client installed myftp into his FTP folder.
The problem is the following:
Let's say I have created the account main_user for my main user in WHM.
He goes to his cPanel and creates an FTP user for his client, his_client@myhost.com.
Then his_client copies the myftp folder to /home/main_user/his_client/myftp and sets "../.." as the home directory for the myftp web interface.
That's very, very bad... /home/main_user/his_client/myftp and its contents are owned by main_user, so his_client can go to http://main_user.com/his_client and have full access to /home/main_user indeed...
I've edited the config of myftp and denied anyone but root from editing it, so it is fixed by now, but I'm curious: is there a way of restricting a user-behind-user from doing such terrible things? And of course it would be great if I could restrict this automatically for any new FTP user.
Thanks
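One way to audit a web file manager's configured home directory against the FTP sub-account's root, as an added example that is not part of the original post and not myftp's own code. The function names and the list of settings are hypothetical; the paths are the ones from the post.

```python
import posixpath

def resolve_home(app_dir: str, configured_home: str) -> str:
    """Resolve a configured home directory as a script living in app_dir would.

    Relative values are taken relative to app_dir; absolute values replace it.
    Resolution is lexical only: on a live system, also compare os.path.realpath()
    results so that symlinks cannot hide an escape.
    """
    return posixpath.normpath(posixpath.join(app_dir, configured_home))

def escapes_root(ftp_root: str, app_dir: str, configured_home: str) -> bool:
    """True if the configured home lies outside the FTP sub-account's root."""
    root = posixpath.normpath(ftp_root)
    home = resolve_home(app_dir, configured_home)
    # commonpath compares whole path components, so a sibling such as
    # /home/main_user/his_client2 is not mistaken for a child of his_client.
    return posixpath.commonpath([root, home]) != root

def audit(ftp_root: str, app_dir: str, settings: list[str]) -> list[tuple[str, str]]:
    """Return (setting, resolved_path) for every setting that leaves ftp_root."""
    return [(s, resolve_home(app_dir, s))
            for s in settings
            if escapes_root(ftp_root, app_dir, s)]

# Paths from the post; the candidate settings are constructed sample values.
FTP_ROOT = "/home/main_user/his_client"
APP_DIR = "/home/main_user/his_client/myftp"
SAMPLE_SETTINGS = [".", "..", "../..", "files/../../../public_html",
                   "/home/main_user/his_client2"]

if __name__ == "__main__":
    for setting, resolved in audit(FTP_ROOT, APP_DIR, SAMPLE_SETTINGS):
        print(f"outside FTP root: {setting!r} -> {resolved}")
```

The check matters because the uploaded files are owned by main_user, so file permissions alone do not keep a script in that folder inside /home/main_user/his_client.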







