Users can write data outside their directory (via SSH)

Hello everyone,

I know the topic of SSH and user permissions has been discussed many times, but I haven’t found a reason / solution for this:

  1. I create a new server with one user - this user has SSH access by default, into his home directory /home/user

  2. If I log in via SSH as this user, I can access folders like /etc, /var and others - this is a known “issue”

  3. But what I haven’t figured out is why this user can write into /etc, /var and others?

The problem is that this user can use e.g. the /tmp folder as storage, no matter the limitations of his account. Or he can just mess up my system everywhere :-(

Is this a bug, or the classic behaviour?

Thanks for the reply, best regards



Users can read and write to any directory they have permission to access – and usually the default setup is secure :) There are some details on that here:

A user being able to write to /tmp is normal – that’s what /tmp is there for.

A user can read some things in /etc and /var by default, but shouldn’t be able to write to it. Are you sure the user is actually able to write, and not just read?


Oh, you are right. They can’t write to all directories like /etc. Thanks for the link - that cleared my doubts :-).

Just one last question - if I set a data size limitation for a virtual server - e.g. 100MB - can the user write to the /tmp directory more than 100MB?

He cannot.


Helpmin is correct – so long as your /tmp directory is on the same partition as /home – your user quotas apply to both directories.
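
The two checks discussed in this thread, as an added example that is not part of any of the posts above: which of the directories the logged-in user can really write to, and whether /tmp shares a filesystem with /home so that the user quota covers both. It assumes Linux with GNU coreutils or BusyBox `stat`; the function names are hypothetical.

```sh
#!/bin/sh
# Added example: run it as the unprivileged account (e.g. inside its SSH session).
# Assumption: Linux with GNU coreutils or BusyBox stat (uses `stat -c %d`).

# Print each argument that is a directory the current user can write to.
# For root, `[ -w ]` succeeds almost everywhere, so test as the real user.
writable_dirs() {
    for d in "$@"; do
        if [ -d "$d" ] && [ -w "$d" ]; then
            printf '%s\n' "$d"
        fi
    done
}

# Print the device number of the filesystem holding a path (fails if missing).
device_of() {
    stat -c %d -- "$1" 2>/dev/null
}

# Succeed when both paths are on the same filesystem, i.e. when a per-user
# quota enabled on that filesystem limits writes under both paths.
same_filesystem() {
    dev_a=$(device_of "$1") || return 2
    dev_b=$(device_of "$2") || return 2
    [ -n "$dev_a" ] && [ "$dev_a" = "$dev_b" ]
}

echo "Writable for $(id -un 2>/dev/null || id -u):"
writable_dirs /etc /var /tmp "${HOME:-/}"

if same_filesystem /tmp /home; then
    echo "/tmp and /home share a filesystem: a user quota there covers both"
else
    echo "/tmp is not on the same filesystem as /home (or a path is missing): the /home quota does not cover it"
fi
```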