Opened 12 years ago
Closed 12 years ago
#7328 closed Bug report (fixed)
Filezilla server allows access to directorys above the defined shared dir
|Reported by:||Louis van Breda||Owned by:|
|Component version:||Operating system type:||Windows|
|Operating system version:||Window7 64 bit|
I noticed a severe security leak this morning. When you define shared folders for a user eg.:
and add another shared folder e.a.
Then filezilla server gives "jan access to:
- W:\MyFTP\jan and
W:\MyHomePage\Blog\jan (ignoring the rest of the path)
Very sevire IMHO
Change History (1)
comment:1 by , 12 years ago
|Priority:||critical → normal|
|Status:||new → closed|
Note: See TracTickets for help on using tickets.
Sorry, the bug does not exist. I was (and still are) confused about the server site directorys as shown in the client.
They dot not appear the way I would expect:
So I mixed up the FTP root dir and the extra share because im my case they have the same structure.