I can see other folders through SFTP! Is this bad security?

Post Reply
User avatar
Edge100x
Founder
Founder
Posts: 11994
Joined: Thu Apr 18, 2002 11:04 pm
Location: Seattle
Contact:

I can see other folders through SFTP! Is this bad security?

Post by Edge100x » Fri Sep 09, 2011 8:09 am

Your webserver user has access to other shared directories on the system because it must in order for your applications and SFTP/SSH access to function properly. As part of this, you can see the names of some other customer directories. This is normal and not a security problem, as by default you have no access to the actual contents of other users' directories, and other customers have no access to yours. You also have restricted access to system files and resources, with the inability to write to them and the inability to read sensitive files.

Post Reply