Re: Fastcgi or apache-mpm-itk?
Hi Kim
>> I was looking for a solution to have the users see, say, '/www' as
>> their document root, mapping this to some diretory of my choice.
>> Mainly not as a security measure but for more system administration
>> flexibility.
>
> There is a way to do what you're asking for:
>
> http://www.seaoffire.net/fcgi-faq.html#I-E
>
> By letting SuExec chroot() into "/var/www/domain" when it spawns a new
> process, your users' PHP scripts would see /htdocs as its web root
> (physical location: /var/www/domain/htdocs) and nothing outside of its
> root directory.
>
> Since the chroot() is only done by SuExec when running scripts, you
> won't have to put Apache libs in your jail. I'm unsure about PHP though.
| FastCGI provides for a wrapper that will execute
| the interpreter, in this case PHP
I was hoping for a solution for mod_php, since php-cgi is
lacking some important features (http-auth, for example)
and setting up a complete chroot environment is quiet a
pain as you usually end up not beeing able tu use Debian
packages at all.
Still I might check again if we could live with the
cgi-drawbacks.
> Also remember to use an ftpd with chroot() support, like pureftpd or vsftpd.
Yes, apart from the unusual way to configure it we really like pureftpd
(mysql). It has been serving all webhosting customers for a long time
now without any problems.
Cheers,
Norbert
Reply to: