Critical Issue with File Manager in Hestia v1.9.0~beta1

Yesterday, I installed the new beta version of Hestia (v1.9.0~beta1). After creating a new user, I attempted to use the File Manager. To my surprise, I found myself in the server’s root directory instead of the user’s home directory.

I was able to access files that I shouldn’t have permission to view. This issue seems critical, but I have no idea how to replicate it reliably. I’ve attached a video below demonstrating what happened.

Could you please confirm if this is a bug or if I’ve unintentionally broken something?

That’s because you’re using an administrator account. He is at the root of the current username, which is normal

This is not an administrator account, and if you suspect that I am havin this view because i am impersonating over an admin account, I have already verified this by logging in directly with this user account and i still can see every folder that i should not be able to see. This issue did not exist in previous versions

It should be the reason for the server itself. You can test it out with a different server provider

We didn’t find this issue in our tests, so you can share which server provider you are using. It can help to confirm if it’s a server issue or a Hestia issue

I am running it in my own virtual KVM environment using Proxmox and Cloud-Init on Ubuntu 24.04 i don’t think it has something to do with that

Disable shell and it should work fine

What exactly do you mean by that? Are you referring to ‘jail user shell’ or something else?

Edit: After enabling the shell to Bash and selecting ‘Jail User Shell,’ it is now working again

No set Shell access to nologin…

If I reset it back to ‘nologin,’ I can once again view the full server directory tree

@eris Is there any fix for it? Or should I stick with version 1.8.12 for now?

I’m just currently in the process of migrating my server and thought it would be a good opportunity to start fresh with the latest Ubuntu version