Hello, actually we have found that making a symbolic link into one of the website that point outside the website chroot (example mylink -> / of the server), the FTP account follows that link, and let the customer to browse the ftp tree outside the chroot (for example I was able to upload some stuff on /tmp and /var/tmp directory). Obviously that file are written as the ftp user, but however i'm not sure that this is an expected behavior (eg. pureftpd is compiled with --with-virtualchroot capabilities on?). Can you let us know? Thank you
Yes could be unsettling or not at this time. I'm not sure if the permission here on ispconfig 3 are described to safe also this particular condition or not. Is for that, that i have opened a ticket, in order to have some confirmation...
You posted above that you wanted to contact the pure-ftpd developers and ask them why their chroot includes other directories. So what did they say?
Sorry for the misunderstand, but, the ticket mentioned above from me, it's this thread. I have nothing to ask to pureftpd, because i'm pretty sure that "--with-virtualchroot" means that pureftpd can follows the symbolic link. So, my only question is if the ispconfig installation, is aware of that, and if is a stuff that we can leave run like that.... thank you
ISPConfig does not create any symbolic links that point outside of the website. If you don't want the symbolic link feature, use traditional chroot as described in pure-ftpd: https://download.pureftpd.org/pub/pure-ftpd/doc/FAQ
