Re[2]: virtual hosting
Hmm, I think this doesn't work for me, I forgot that there will be too
much memory and strong cpu needed :-( So, I'll need to find other way
to more secure my box. I'll take a look at the grsecurity...
Thanks for now, I'll be back ;)
Regards
Michal Novotny
26. bøezna 2002 17:08:41, Russell Coker <russell@coker.com.au> pise:
> On Tue, 26 Mar 2002 15:49, Michal Novotny wrote:
>> It is possible to make virtual web hosting (apache) in chroot jail?
> Yes. Just install complete copies of Debian in the chroot jails.
>> There is a little problem with about 1500 domains/clients.
>> How can I set it up (with perl/php/ssi/ssl/cgi/ftp/mysql etc.) ?
>> I think it have to be all in the chrooted directory, so will it be
>> apache/perl/mysql/libs for each domain? or could it be symlinked?
> Symlinks do not work across chroot jails by definition.
>> I do not imagine about 1500 chroots...
> You would need to have a lot of memory and CPU power for that many chroot's.
>> But I think if it can work then it will be so secure, isn't it?
> If it has root access for ANYTHING and it uses a stock kernel then running it
> chroot gives no extra protection.
> If you want chroot to actually give you any significant security benefits
> then you need a kernel patch such as grsecurity.
> Let's leave debian-security out of this now and keep it on debian-isp.
--
To UNSUBSCRIBE, email to debian-isp-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Reply to: