| View previous topic :: View next topic |
| Author |
Message |
pachanga
Tux's lil' helper
Joined: 03 Dec 2004
Posts: 123
Location: Russia, Penza
|
 Posted: Fri Oct 28, 2005 3:37 pm Post subject: Any alternative to chrooted jail in my case? |
 |
|
I really like the idea behind chrooted Apache+MySQL environment and would like to use it on practice. However i think it's pretty much hardware expensive to have a separate instance of Apache and MySQL per virtual domain. Is it really hardware expensive? I'm just guessing here and some real numbers would be highly appreciated.
Are there any other alternative secure schemes to chrooted environment for Apache virtual hosts?
Thanks!
_________________
Gentoo community rocks! LIMB - a WACT powered CMF tested with SimpleTest |
|
| Back to top |
|
 |
steveb
Advocate
Joined: 18 Sep 2002
Posts: 4564
|
| Posted: Fri Oct 28, 2005 4:08 pm Post subject: |
|
|
Why do you want to run a separate instance per vhost? This is not needed. You could run apache in a chroot jail and serve serval vhosts at once.
Or did I understud your question wrong?
Do you have only one IP and serval vhosts? Or do you have one system with many IP addresses and whant for each address a separate Apache/MySQL/etc?
cheers
SteveB |
|
| Back to top |
|
|
pachanga
Tux's lil' helper
Joined: 03 Dec 2004
Posts: 123
Location: Russia, Penza
|
| Posted: Fri Oct 28, 2005 6:54 pm Post subject: |
|
|
Thanks for such a quick reply 
| steveb wrote: | Why do you want to run a separate instance per vhost? This is not needed. You could run apache in a chroot jail and serve serval vhosts at once.
|
Is it possible? I'm a n00bie and any links, advices regarding this topic could be very helpful.
| Quote: |
Do you have only one IP and serval vhosts?
|
Yep - that's my case...
_________________
Gentoo community rocks! LIMB - a WACT powered CMF tested with SimpleTest |
|
| Back to top |
|
|
steveb
Advocate
Joined: 18 Sep 2002
Posts: 4564
|
| Posted: Fri Oct 28, 2005 8:21 pm Post subject: |
|
|
Maybe having a look at Gentoo Linux Documentation would help you?
Especialy the security category could be that what you are looking for.
This chapter shows you what you would need to do for chroot jail.
cheers
SteveB |
|
| Back to top |
|
|
pachanga
Tux's lil' helper
Joined: 03 Dec 2004
Posts: 123
Location: Russia, Penza
|
| Posted: Fri Oct 28, 2005 10:35 pm Post subject: |
|
|
| steveb wrote: |
This chapter shows you what you would need to do for chroot jail.
|
Thanks a lot for the link. I'll have a closer look(how could i miss it ?...)
_________________
Gentoo community rocks! LIMB - a WACT powered CMF tested with SimpleTest |
|
| Back to top |
|
|
pachanga
Tux's lil' helper
Joined: 03 Dec 2004
Posts: 123
Location: Russia, Penza
|
| Posted: Sat Oct 29, 2005 12:39 pm Post subject: |
|
|
I read that security howto and found some really nice advices but the information on chrooted environment covers only the very basics. I still wonder if it's possible to chroot every virtual host using one instance of Apache.
I discovered mod_chroot to be one of the simple solutions however it chroots only one single directory while, as i said before, i'd like every virtual host to be chrooted. I googled around but found nothing relevant(maybe i searched not too good), any help on this is highly appreciated.
Thanks!
_________________
Gentoo community rocks! LIMB - a WACT powered CMF tested with SimpleTest |
|
| Back to top |
|
|
|
Networking & Security
