directory security on a shared host

Support for webhosts that use CentOS
Post Reply
bdouglas
Posts: 5
Joined: 2005/06/20 21:09:34

directory security on a shared host

Post by bdouglas » 2005/06/24 23:19:32

I'm sure this issue has been discussed to death but I'm still looking for a good approach on Linux. Basically I just want domains on a shared server to not be able to access the directory tree of other domains via scripts: PHP, Perl, ColdFusion, and anything that might be installed.

1) PHP has safe_mode which seems to do the trick but is PHP only.

2) ColdFusion Enterprise has sandboxing but is both costly and works only for ColdFusion. A server level setting would be more ideal than configuring each programming language for directory security.

3) Apache's suEXEC seems perfect. Being based on the given user's permissions I figured any script, no matter the language, would only be able to touch files that its owner owned. But suEXEC seems to be designed to only work with CGI, so it wouldn't even affect ColdFusion or PHP.

and 4) Setting up VPS. This still feels like overkill at this point though. I'm only looking to secure directory trees and their files, not do things like allocating ram and cpu power.

Are their any other good options out there? Each domain has its own user so being based on Linux's permission system seems ideal.

bdouglas
Posts: 5
Joined: 2005/06/20 21:09:34

Re: directory security on a shared host

Post by bdouglas » 2005/07/03 18:31:02

these look like good options:

UML
http://uml.openconsultancy.com/

XEN
http://fedora.redhat.com/projects/virtualization/

cormander
Posts: 100
Joined: 2005/05/16 21:27:57
Location: Utah
Contact:

directory security on a shared host

Post by cormander » 2005/07/24 11:44:48

I would recomend this guy:

http://atomicrocketturtle.com/

He has a pretty impressive line of kernal rebuilds for sale that tighten the lid on virtual host servers. He's fairly deep into RedHat support, and recintly added CentOS to his area of packages.

He also has several free RPM packages that you may find useful.

Post Reply

Return to “CentOS 4 - Webhosting Support”