# [solved] vsftpd user directory

## mistake25

hi,

i have configured my vsftpd server, to accept just local users(means users in /etc/passwd), no virtual users and no anonymous, i have set default directory to /var/ftp, where is every local user send after successful login, but every user is still possible to list upper(lower) directories (means they are possible to do "cd .." and get to /var or even to every another directory), is there way how can i force, to every user that login on ftp server, have just permisions to access directory /var/ftp and files/directories in it(means can access all directories/files in /var/ftp, but nothing else).

thanksLast edited by mistake25 on Fri Mar 19, 2010 7:38 pm; edited 1 time in total

----------

## Rexilion

Yeah, that is called 'chrooting' but you have to be careful with that since it can give a false sense of security. But it's definitly what you are looking for.

----------

## mistake25

yes this is what i was looking for, thanks, but how security vulnerabilities are there? or why it is unsecure using it?

----------

## Rexilion

Well, in whatever context I encountered the technique is that people are rather skeptic to it. It's always safe to consider it as imperfect. Whenever *something* *somewhere* is wrong, you can break out (that is what I get from it). As long as you are not doing anything too fancy, it should work without a hitch.

----------

## mistake25

ok, this ftp server will be accessable just to a few people that i can trust, so if they will just upload / download files, they can't access lower directories, thanks for help

----------

