Topic: user can browse entire tree from root and read all other users files

Hi,

using MSS for sftp purposes.

Have created a user who appears to ignore VirtualChroot true and StayatHome true.  sftp-verif says everything is ok. this is causing me some issues.

Also what does CanChangeRights setting allow exactly? Apologies if I'm asking questions that are answered elsewhere but there doesn't appear to be documentation that lists each setting and what it does.

Thank you for your help.

Re: user can browse entire tree from root and read all other users files

Hi,

Which is the shell configured for the user ? (should be "/bin/MySecureShell")
Which SFTP client use the user ?

Tag "CanChangeRights" can forbid the equivalent of "chmod" in SFTP smile