SFTP Login via SSH Key

[mtylerb]

SFTP Login Allows '/' Read Access

I need some help, I'm thoroughly confused.

I just logged in with one of my client's logins using an SSH key. Upon logging in, I'm able to browse to / with WinSCP. When I view the permissions of /home with the root login, it says Owner and Group are root but permissions are 0711. When I view the permissions of /home with the client's login, it says Owner and Group are root, but permissions are 0755.

How is this possible? I tried with another account and got the same results. I can't have clients being able to access / (and thusly being able to browse other folders).

--Additionally--

I just tried logging in with regular password and have the same issue. So it's not just with SSH Keys. Not sure how this is possible. Any help is greatly appreciated!

--EDIT--

Problem is non-existent with standard FTP login. Only SFTP is affected.

--EDIT--

Filed a support ticket. Your Request id is: 3852363.

 

[quizknows]

Being able to read / over sftp/ssh is normal. Even as a normal user you're going to be able to read anything that is world readable. I haven't tried cagefs in cloudlinux yet, but that may be your only option to actually stop that. Jailshell might help too, but I think I tested that in the past with less than satisfactory result.

 

[mtylerb]

I had all users setup with "none" for ssh access, save for my reseller account. After discussing with cPanel support via a ticket, I'm not nearly as worried about the access issue as I was before. It would be nice if SFTP users were bound to their own directory just like FTP, but they can't do any harm ... yet, so I'll let it be.