Linode Forum
Linode Community Forums
PostPosted: Sun Apr 29, 2007 1:20 am 
Senior Member

Joined: Tue Aug 17, 2004 11:37 pm
Posts: 262
Website: http://www.our-lan.com
WLM: nf@our-lan.com
Location: Brisbane, Australia
So... like many other Linoders, I resell some of my space/bandwidth to friends/clients in the form of web/email hosting.

I recently came to realise that since all files for the www side of virtual hosting are stored under the same user ID, I could potentially have a security risk on my hands... And sure enough, after doing some basic testing, I did.

Basically, via PHP, my virtual users could include/echo/do whatever with other virtual users' files... This obviously presents a massive security risk, which I have since downgraded slightly by including in everyone's virtualhost declaration "php_admin_value open_basedir /home/hosting/domain.com/www", which makes PHP restrict access to the domain.

But it got me thinking along the lines of: obviously there is more to this that I haven't thought of.

Is there an easy way to chroot each virtualhost to itself? I don't particularly want to have another instance of Apache per virtualhost either... But surely there has to be some easy way to secure Apache's virtual hosts in this manner?

Has anyone else come across this problem, and what typically was the way you decided to overcome this?

Thanks!

_________________
ServerAdmin - www.our-lan.com
"Diplomacy is the art of saying nice doggy whilst looking for a really big stick"
"In my experience, any attempt to make any system idiot proof will only challenge God to make a better idiot"
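
One way to audit the per-virtualhost open_basedir mitigation described in the post above, as an added example that is not part of the original thread. It flags virtual hosts with no open_basedir, ones that set it with php_value (only php_admin_value is protected against .htaccess and ini_set() overrides), and ones whose open_basedir also covers another virtual host's DocumentRoot; the sample config and its domains are constructed.

```python
import posixpath
import re

VHOST = re.compile(r"<VirtualHost[^>]*>(.*?)</VirtualHost>", re.S | re.I)
ROOT = re.compile(r'^\s*DocumentRoot\s+"?([^\s"]+)', re.M | re.I)
BASE = re.compile(r'^\s*(php_(?:admin_)?value)\s+open_basedir\s+"?([^\s"]+)', re.M | re.I)

# Constructed sample; paths follow the post's /home/hosting/<domain>/www layout.
SAMPLE = """
<VirtualHost *:80>
  DocumentRoot /home/hosting/a.example/www
  php_admin_value open_basedir /home/hosting/a.example/www
</VirtualHost>
<VirtualHost *:80>
  DocumentRoot /home/hosting/b.example/www
  php_value open_basedir /home/hosting/b.example/www
</VirtualHost>
<VirtualHost *:80>
  DocumentRoot /home/hosting/c.example/www
  php_admin_value open_basedir /home/hosting:/tmp
</VirtualHost>
"""

def covers(base, path):
    """True if absolute `path` lies inside absolute `base` (by path component)."""
    return base[:1] == path[:1] == "/" and posixpath.commonpath([base, path]) == base

def parse_vhosts(text):
    """Return (docroot, directive, [open_basedir dirs]) per <VirtualHost> block."""
    out = []
    for body in VHOST.findall(text):
        root, base = ROOT.search(body), BASE.search(body)
        if root:
            dirs = [posixpath.normpath(d) for d in base.group(2).split(":")] if base else []
            out.append((posixpath.normpath(root.group(1)), base and base.group(1).lower(), dirs))
    return out

def audit(text):
    """Map each DocumentRoot to its isolation problems (empty list = none found)."""
    vhosts, report = parse_vhosts(text), {}
    for root, how, dirs in vhosts:
        issues = report.setdefault(root, [])
        if not dirs:
            issues.append("no open_basedir")
        elif how != "php_admin_value":  # php_value lacks the override protection
            issues.append("set with php_value")
        issues += ["also covers " + o for o, _, _ in vhosts
                   if o != root and any(covers(d, o) for d in dirs)]
    return report
```

A clean report only says PHP is confined per virtual host; other handlers running under the same UID are not constrained by open_basedir.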


PostPosted: Sun Apr 29, 2007 8:21 am 
Junior Member

Joined: Wed Sep 27, 2006 7:36 pm
Posts: 34
Website: http://fourbatons.com/
Location: Maryland, USA
The only thing I can think of is PHPsuexec, which is explained pretty well here. I'm not sure how to enable it though.


PostPosted: Sun Apr 29, 2007 8:47 am 
Senior Member

Joined: Tue Aug 17, 2004 11:37 pm
Posts: 262
Website: http://www.our-lan.com
WLM: nf@our-lan.com
Location: Brisbane, Australia
Unfortunately phpsuexec isn't going to help me.
Since this is virtual hosting, and all my users are virtual, they have the same UID, that is, of the user WebHostingUser (5500). So running phpsuexec isn't going to stop the problem of the users being able to access the same files.

I need a non-PHP-specific way of doing it, as there is going to be Tomcat (JSP) and probably Perl or something similar, which is going to mean I need a solution outside of the individual language.

As a last resort, I will run Apache and Tomcat in a chroot environment, and allocate a block of user IDs to each of my virtual hosting accounts. Then with the help of solutions like phpsuexec I will restrict it in that...

Truth be told, I was just looking for a slightly simpler solution :)



PostPosted: Sun Apr 29, 2007 10:27 am 
Senior Member

Joined: Fri Oct 24, 2003 3:51 pm
Posts: 965
Location: Netherlands
Check these out:
They both look simpler than your plan B. I think I would favour the second of the two.

Caveat: I only read them, I didn't actually try them - I'm the only user on my Linode. YMMV.

_________________
/ Peter


PostPosted: Sun Apr 29, 2007 2:21 pm 
Newbie

Joined: Sun Apr 29, 2007 2:10 pm
Posts: 2
Please look at mod_diffprivs. It allows you to have a unique uid/gid for each virtual host. But you must configure Apache to close its child every time after a request.

