Proftpd and chroot / DocumentRoot with TLS

Hello,
I have several long-term running virtualmin running (Debain/Ubuntu). Either Virtualmin or some of our admins set the “DocumentRoot ~” option in proftpd’s global section and additonally in /etc/proftpd/conf.d/jails.conf.

I think that the TLS option in tls.conf was added, I am not sure if manually or by virtualmin / webmin.

By random I found out that users connecting via FTP over TLS didn’t get chrooted. After playing around with the “DocumetRoot ~” option I found out that it has to bet set within the section to work on FTP over TLS session. Without the chroot FTPing still works, but the user can see all directories in /home, so the user can see the domains of all neighboring users. (It exposes only the dirname, not what’s inside)

So, so others see the same effect or is it just /me? Is virtualmin supposed to take care about it? Proftpd is e.g. 1.3.6c-2ubuntu0.1.

Best Regards,
derjohn

This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.