I can see other folders through SFTP! Is this bad security?

Post Reply
User avatar
Edge100x
Founder
Founder
Posts: 13009
https://www.youtube.com/channel/UC40BgXanDqOYoVCYFDSTfHA
Joined: Thu Apr 18, 2002 11:04 pm
Location: Seattle
Contact:

I can see other folders through SFTP! Is this bad security?

Post by Edge100x »

Your webserver user has access to other shared directories on the system because it must in order for your applications and SFTP/SSH access to function properly. Most of these are system directories, but as part of this, you can also see the names of some other customer directories. This is normal and not a security problem, as by default you have no access to the actual contents of other users' directories, and other customers have no access to yours. You also have restricted access to system files and resources, with the inability to write to them and the inability to read sensitive files.
Post Reply