2 Feb
2006
2 Feb
'06
5:39 p.m.
On 02/02/06, Andrew Rice andrew@nams.net wrote:
I guess that allowing public_html access to a users dir via hostname/~username is bad security correct?
I don't know if vsftpd has the facility to chroot users anywhere other than into $HOME . At least not unless you change their homes in /etc/passwd which would have a *lot* of side-effects.
You could consider ProFTPD instead. It's more flexible configuration-wise than vsftpd and I think was at one stage a standard part of older RH distros. Of course increased complexity and configuration scope can increase the chance of insecurity through misconfiguration.
proftpd-1.2.10-8.2.el4.rf.i386.rpm is available from Dag and the boys at RPMForge.
Will.