On Wed, 6 Sep 2000, Félix C.Courtemanche wrote:

> Hello,
> 
> I couldn't find any occurrence of this question in the archives, but if it
> does exist, please forward me to it.
> 
> I have been working on a set of Administration Tools for commercial web
> hosting companies for quite some time.  Lately I have been trying to figure
> out the MOST secure way to host multiple accounts on the same server, with
> mod_perl enabled AS FAST AS POSSIBLE.
> 
> In the best world, I would have the possibility of:
> - Restricting the opened files by any .pl script to the user's base
> directory.
> - Allowing custom shell commands or not
> - Setting a maximum execution time for a script
> 
> The first directive would be used to prevent anyone from reading the source
> of another program, which would allow someone to grab the sensitive data
> stored in configuration files, such as Database Passwords, etc.  It is the
> MOST important of all and I really must find a solution.  I previously saw
> some perl wrapper that would only allow files owned by the script's owner to
> be read.  However, that wrapper greatly reduced the execution speed of .pl
> and it was not that effective.  Any suggestions?

The _only_ way I see you being able to do this securely is to use a Safe
compartment with a Safe::Hole through to your custom open() function which
does all the checking.

The problem then becomes enabling something like DBI support. You'd need
to provide a safe hole through to DBI (not sure if you'd have to write a
wrapper or what - never tried it personally). And then the same goes for
something like CGI.pm, probably.

The other stuff can be done with the resource limiting modules.

If you come up with something it would be great if you could share it. I
started working on something like it a while back (even had an
Apache::SafeRegistry module built, but it didn't work because Safe::Hole
didn't exist back then).

-- 
<Matt/>

Fastnet Software Ltd. High Performance Web Specialists
Providing mod_perl, XML, Sybase and Oracle solutions
Email for training and consultancy availability.
http://sergeant.org | AxKit: http://axkit.org
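
The approach suggested in the reply above (a Safe compartment whose only file access is a checked open() passed in through Safe::Hole), as an added example that is not code from either poster or from any Apache module. The accounts `alice` and `bob`, the helper `make_checked_read` and the exported name `read_file` are hypothetical; the directory tree is constructed in a temp dir.

```perl
use strict;
use warnings;
use Safe;
use Safe::Hole;
use Cwd qw(realpath);
use File::Temp qw(tempdir);
use File::Spec;

# Constructed layout: two hypothetical accounts, each with a config file.
my $root = realpath(tempdir(CLEANUP => 1));
for my $user (qw(alice bob)) {
    mkdir "$root/$user" or die "mkdir: $!";
    open my $fh, '>', "$root/$user/db.conf" or die "open: $!";
    print {$fh} "password=$user-secret\n";
    close $fh;
}
# A symlink inside alice's tree that points into bob's.
symlink "$root/bob/db.conf", "$root/alice/link.conf" or die "symlink: $!";

# Build a read-only open() confined to one base directory. The path is
# resolved (symlinks and ".." collapsed) before the prefix comparison.
sub make_checked_read {
    my $base = realpath(shift);
    return sub {
        my ($path) = @_;
        $path = File::Spec->rel2abs($path, $base);
        my $real = realpath($path);
        die "denied: $path\n"
            unless defined $real && index($real, "$base/") == 0;
        open my $fh, '<', $real or die "open failed: $!\n";
        local $/;                  # slurp the whole file
        return scalar <$fh>;
    };
}

my $cpt  = Safe->new;              # default opmask traps open() and system()
my $hole = Safe::Hole->new({});
$hole->wrap(make_checked_read("$root/alice"), $cpt, '&read_file');

for my $code (
    q{ read_file('db.conf') },                   # inside the base: allowed
    q{ read_file('../bob/db.conf') },            # ".." escape: denied
    q{ read_file('link.conf') },                 # symlink escape: denied
    q{ open(my $fh, '<', '/etc/passwd'); 1 },    # raw open(): trapped by Safe
) {
    my $out = $cpt->reval($code);
    chomp(my $msg = defined $out ? "ok: $out" : "blocked: $@");
    print "$code => $msg\n";
}
```

Only the first snippet returns file contents; the other three leave the reason in `$@`.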
