Privacy in virtual hosting environment

To: debian-isp@lists.debian.org
Subject: Privacy in virtual hosting environment
From: Fraser Campbell <fraser@wehave.net>
Date: Mon, 7 Apr 2003 09:36:50 -0400
Message-id: <[🔎] 200304070936.50325.fraser@wehave.net>

Hi,

Since I'm currently setting up my first shared hosting environment in a few 
years I'm wondering how to adequately address privacy issues.

I plan to provide python (with and without mod_python), perl (perhaps just 
CGI) as well as PHP support.  Is there any way to prevent people from 
sourcing things above their document root?  My main concern is db passwords 
stored in config files or scripts.

I think with apache2 and the mpm that allows different users for different 
virtual hosts it should be possible but since apache2 isn't in woody I don't 
like the idea too much.

My other thoughts are to run multiple instances of apache wth different uids, 
an alternative might be to run user mode linux or other virtual environment.  
Both of these options seem quite resource intensive though and multiple 
apaches would require an IP for every site (I think).

What are you guys using?

Thanks,
-- 
Fraser Campbell <fraser@wehave.net>                 http://www.wehave.net/
Brampton, Ontario, Canada                                 Debian GNU/Linux

Reply to:

Follow-Ups:
- Re: Privacy in virtual hosting environment
  - From: "Vector" <debian@itpsg.com>

Prev by Date: Re: [HELP] .htaccess problem
Next by Date: Re: Privacy in virtual hosting environment
Previous by thread: Re: [HELP] .htaccess problem
Next by thread: Re: Privacy in virtual hosting environment
Index(es):
- Date
- Thread