Full server access - is this meant to happen?

I just loaded up SmartFTP today to add some more files to my website, and found that i could access the entire linux install though my client, including every other users website.

Is this meant to happen?


nope. It looks like something is badly misconfigured. Can you still see the listing displayed in the referenced .jpg, or was it a “one time” kinda thing?

He didn’t mention if he was using FTP protocol or SFTP over SSH2. It makes a difference.

With FTP, the DreamHost server will “chroot” or restrict file access to your home directory. This means to your FTP client, the topmost directory you can access will be /home/username and it will show it as / instead of /home/username

With SFTP over SSH2, the DreamHost server does not restrict access to your home directory, and your client should show the home directory as /home/.glob/username

:cool: [color=#6600CC]Atropos[/color] | openvein.org

Thanks for the info! I never thought of that possibility.

Other than the chrooting we do via ftp, your files are protected by normal unix file permissions. So if you don’t want anyone to be able to read a particular file be sure to not make it world readable.