[drupal-devel] multihost chrooted apache
adrian at bryght.com
Mon Sep 19 17:13:20 UTC 2005
-----BEGIN PGP SIGNED MESSAGE-----
On 19 Sep 2005, at 10:42 AM, Bèr Kessels wrote:
> We want to give all hosted sites full UID1 permissions on drupal,
> meaning that
> they are allowed (for example) to make PHP pages and blocks.
> One day there will be a user that abuses that, or tries to root the
> with that. So we need to limit the abilities of the user running
> Each multisite will run on a single drupal multisite installation,
> but with
> apache as a separate user.
Isn't apache using fastcgi a better idea ?
That way you can run each apache process as the user account the site
belongs to, and set the permissions to only allow them write access
to their own sites dir.
You will also only have 1 chrooted environment.
Also, for security, I recommend setting the db username and password
using setenv in the apache virtualhost .
Drupal developer and Bryght Guy
http://drupal.org | http://bryght.com
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (Darwin)
-----END PGP SIGNATURE-----
More information about the drupal-devel