Well Linux has LXC which is supposed to be equivalent to jails (also see docker). But use whatever suits you.
Idk what's current for breaking out of VMs is. It might be good to pay attention to who is using the most entropy and make sure you don't run out. Most VMs use processor VT to isolate things (I don't think any 'jail' does this).
I think most providers use OpenStack (a suite of technologies). YMMV
On Mar 13, 2014 11:06 PM, "Martin Braun" <yellowgoldmine@gmail.com> wrote:HiI have recently experienced a server being "hacked" due to a security problem with a PHP application that made it possible for the "hacker" to gain a web shell.
Due to this experience I would like to know what the best way to limit such problems is, especially when hosting web servers for users who may or may not installed unsecure applications on the web server.
What does the big hosters do? What do they use?
The solution can't be too complecated to maintain and I would prefer each user being completely seperated from the main OS and from other users.