On Tue, 26 Mar 2002 15:49, Michal Novotny wrote: > It is possible to make virtual web hosting (apache) in chroot jail?
Yes. Just install complete copies of Debian in the chroot jails. > There is a little problem with about 1500 domains/clients. > How can I set it up (with perl/php/ssi/ssl/cgi/ftp/mysql etc.) ? > I think it have to be all in the chrooted directory, so will it be > apache/perl/mysql/libs for each domain? or could it be symlinked? Symlinks do not work across chroot jails by definition. > I do not imagine about 1500 chroots... You would need to have a lot of memory and CPU power for that many chroot's. > But I think if it can work then it will be so secure, isn't it? If it has root access for ANYTHING and it uses a stock kernel then running it chroot gives no extra protection. If you want chroot to actually give you any significant security benefits then you need a kernel patch such as grsecurity. Let's leave debian-security out of this now and keep it on debian-isp. -- If you send email to me or to a mailing list that I use which has >4 lines of legalistic junk at the end then you are specifically authorizing me to do whatever I wish with the message and all other messages from your domain, by posting the message you agree that your long legalistic sig is void. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
