Nano issue not good for seedbox companies

It’s not really a security hole but more of a feature that needs to be disable for people running seedbox companies or just have a ton of idiots on one server…

Problem: In limited shell you can run nano press Ctrl-R then Ctrl-T to open the file browser. You can browser every file on the server.

The fix: Compile nano from source. Installation to fix below

wget https://www.nano-editor.org/dist/v2.7/nano-2.7.3.tar.gz
./configure --disable-browser
make
make install

3 Likes