Re: virtual hosting

To: debian-security@lists.debian.org
Subject: Re: virtual hosting
From: j.rivera <rewt@udel.edu>
Date: Wed, 27 Mar 2002 17:33:50 -0500
Message-id: <[🔎] 20020327173350.7c937fa5.rewt@udel.edu>
In-reply-to: <[🔎] 18659.020326@prolidi.cz>
References: <[🔎] 18659.020326@prolidi.cz>

Hello,

The only question I have in this setup is why would you need to chroot everything. In a typical hosting environment where users have FTP access to the server to upload web pages, you can just chroot the FTP daemon to the individual user's upload directory.

As far as Apache, you could chroot the daemon to the directory where all your websites reside. But in that situation, I do believe you would need to copy all the binaries you would want to run (i.e. Perl, PHP, MySQL, etc.), but I could be wrong on that point.

Hope that helps a bit.

Regards,
jovan rivera
<rewt@udel.edu>

On Tue, 26 Mar 2002 15:49:56 +0100
Michal Novotny <debian@prolidi.cz> wrote:

> Hello!
> 
> It is possible to make virtual web hosting (apache) in chroot jail?
> There is a little problem with about 1500 domains/clients.
> How can I set it up (with perl/php/ssi/ssl/cgi/ftp/mysql etc.) ?
> I think it have to be all in the chrooted directory, so will it be
> apache/perl/mysql/libs for each domain? or could it be symlinked?
> I do not imagine about 1500 chroots...
> But I think if it can work then it will be so secure, isn't it?
> 
> Regards
> Michal Novotny
> 

-- 
To UNSUBSCRIBE, email to debian-security-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

Reply to:

References:
- virtual hosting
  - From: Michal Novotny <debian@prolidi.cz>

Prev by Date: Re: Re: iptables filtering rules
Next by Date: What is a suable attack by the way ;)
Previous by thread: Re: virtual hosting
Next by thread: Bastian Gläßer/PD/Kreditwerk ist außer Haus.
Index(es):
- Date
- Thread