On Thu, Jan 06, 2005 at 07:32:25AM -0800, Paul Rubin wrote: > Jp Calderone <[EMAIL PROTECTED]> writes: > > A Python sandbox would be useful, but the hosting provider's excuse > > for not allowing you to use mod_python is completely bogus. All the > > necessary security tools for that situation are provided by the > > platform in the form of process and user separation. > > But mod_python is an apache module and runs in the same apache process > with other users' scripts.
Which is why it's a good idea for each customer to have it's own system user and their virtual hosts running under this uid. Which was the idea for the perchild MPM for Apache 2 - which is abandoned now :-( muxmpm is a replacement project in beta. This really sucks when you use Apache2. I myself did make the switch some time ago, then noticed that this (for me) important feature was missing. It now works, somehow, but to make it work properly I'd need to either: - go back to Apache 1.3.x, missing some nice improvements - use different webservers per user, put them together with mod_proxy (yuck!) -- Gerhard
signature.asc
Description: Digital signature
-- http://mail.python.org/mailman/listinfo/python-list