[vserver] suggestion: extended chroot


From: Guenther Starnberger (gst_at_atnet.at)
Date: Fri May 17 2002 - 15:19:20 EDT


i just read the thread about using vserver and apache ("[vserver]
apache security ...").

using a shared apache with vserver would be cool, but there is one
feature that i really miss :)

many users (at least on my webserver), don't set the access rights on
their files right, and allow other users to read passwds, etc. in
their scripts. some users even store world writable files :/

it would be possible to modify suexec to execute each cgi of a user in
his own vserver - but the problem with this method is, that i would
have to create/copy all the required system files/dirs for each user.

a nice solution would be, to create a directory in the vserver tree
for each user, and disallow access to the directories of all other
users (and make them invisible) for this user (at kernel level).

for example:

/home/vserverchroot/ ... is the subdir where i store my
                                    vserver rootdir

/home/vserverchroot/home/foo/ ... homedir of foo
/home/vserverchroot/home/bar/ ... homedir of bar

i could then place some special vserverchroot call in my suexec.c and
can be sure that user "foo" isn't able to sniff on the files of
"bar". (he can't even see his homedirectory). i don't have to copy all
the system files because each user is in the same "vserverchroot".

additionally i could set the context of the cgi to the uid of "foo" in
suexec so that he can only see his own processes.

cu
/gst

-- 
/// guenther starnberger || at-net ||    JID:       \\\
\\\ GST-RIPE || http://www.vbs.at/ || gst_at_jabber.at ///
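
The exposure described in the message above (files in one user's home that other users on a shared web server can read or write) can be measured with a permission audit. This is an added example, not part of the original post; the function names and the sample tree are constructed for illustration, and it assumes the directories above each home are traversable by everyone.

```python
import os
import stat
import tempfile

def audit_home(home):
    """List entries under one home directory that the "other" class can reach."""
    findings = []
    stack = [home]
    while stack:
        directory = stack.pop()
        mode = os.lstat(directory).st_mode
        if not stat.S_ISDIR(mode) or not mode & stat.S_IXOTH:
            continue  # not a real dir, or no search bit for "other": unreachable
        if mode & stat.S_IWOTH:
            findings.append((os.path.relpath(directory, home), "world-writable dir"))
        with os.scandir(directory) as entries:
            for entry in entries:
                st = entry.stat(follow_symlinks=False)  # never follow symlinks
                rel = os.path.relpath(entry.path, home)
                if stat.S_ISDIR(st.st_mode):
                    stack.append(entry.path)
                elif stat.S_ISREG(st.st_mode) and st.st_mode & stat.S_IWOTH:
                    findings.append((rel, "world-writable file"))
                elif stat.S_ISREG(st.st_mode) and st.st_mode & stat.S_IROTH:
                    findings.append((rel, "world-readable file"))
    return sorted(findings)

def audit_homes(homes_root):
    """Map each user directory under homes_root to its exposed entries."""
    return {name: audit_home(os.path.join(homes_root, name))
            for name in sorted(os.listdir(homes_root))
            if os.path.isdir(os.path.join(homes_root, name))}

def build_sample_tree():
    """Constructed sample: two users with mixed permissions (not real data)."""
    root = tempfile.mkdtemp()
    layout = [("foo", 0o755, True), ("foo/config.php", 0o644, False),
              ("foo/upload.dat", 0o666, False), ("foo/tmp", 0o777, True),
              ("foo/private", 0o700, True), ("foo/private/key.txt", 0o644, False),
              ("bar", 0o700, True), ("bar/passwd.inc", 0o644, False)]
    for rel, mode, is_dir in layout:
        path = os.path.join(root, rel)
        os.mkdir(path) if is_dir else open(path, "w").close()
        os.chmod(path, mode)  # explicit mode, independent of the umask
    return root

if __name__ == "__main__":
    for user, items in audit_homes(build_sample_tree()).items():
        print(user, items)
```

Files below a directory without the search bit for "other" are not reported, because their own mode bits cannot be reached by another user.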


This archive was generated by hypermail 2.1.4 : Mon Aug 19 2002 - 12:01:01 EDT