[Anakim Border] > App servers such as quixote, webware and skunkweb (just to name a > few) offer a clean environment to develop Python webapps. I have some > problems, however, understanding their security model.
Since they each have different security models, that's not surprising. This is a difficult problem for people approaching python. Hopefully it is the sort of problem that will be brought more under control when WSGI* is in widespread use and authentication is controlled using WSGI middleware.
*: http://www.python.org/peps/pep-0333.html
> My objective is to host webapps from different people on a single > Linux server; because of that, I want to be sure that one webapp > cannot interfere with another. > My first attempt at privilege separation went through users & groups.
Using unix users and groups is the best way to attain total separation between environments. Either that or put them on different user-mode-linux* hosts.
*: http://usermodelinux.org/
> Unfortunately application servers execute all python code under the > same uid; that way webapp 'a' from Alice can easily overwrite files > from webapp 'b' owned by Bob.
Perhaps you could run multiple application servers? One per isolated environment? Each of the above packages (quixote, etc) contains its own standalone server, as well as the capability to integrate into other server environments.
Use some form of proxy webserver in the front, which simply routes requests to the relevant application server, based on URL, HTTP_HOST, etc, etc.
Apache has a mod_proxy[1] designed specifically for this purpose. In combination with mod_rewrite[2], that should give you fairly powerful control over who gets to see which requests. You could probably roll your solution fairly easily using one or more of the mod_python Python*Handlers[3] and something like mod_scgi[4] or FastCGI[5].
1: http://httpd.apache.org/docs-2.0/mod/mod_proxy.html 2: http://httpd.apache.org/docs-2.0/mod/mod_rewrite.html 3: http://www.modpython.org/live/current/doc-html/dir-handlers.html 4: http://www.mems-exchange.org/software/scgi/ 5: http://www.fastcgi.com/mod_fastcgi/docs/mod_fastcgi.html
> Did I miss anything?
I am sure there are other approaches as well.
HTH,
-- alan kennedy ------------------------------------------------------ email alan: http://xhaus.com/contact/alan -- http://mail.python.org/mailman/listinfo/python-list
