I'm very surprised to see something like this. Comparing with normal unix filesystem, 'sftpuser' would not even enter such directory. Is this OK?
* sftpuser has only group 'sftpuser' $ sftp sftpuser@localhost Connected to localhost. sftp> cd / sftp> ls -l drwxr-xr-x 2 0 0 512 May 21 18:43 dev drwx-----x 12 1000 1000 512 May 21 18:32 jirib drwxr-xr-x 10 1000 1000 512 May 21 18:32 pub sftp> cd jirib sftp> pwd Remote working directory: /jirib sftp> ls -al remote readdir("/jirib"): Permission denied j.