[Mono-list] XSP in a multi-user Linux box
Gonzalo Paniagua Javier
Wed, 10 Dec 2003 03:05:47 +0100
El vie, 05-12-2003 a las 13:18, Cesar Mello escribió:
> I would like to hear suggestions on how to handle this:
> I've set up a Linux box running XSP. I would like to enable each user to
> have his own public_html directory in his home, and that directory would
> be published as "http://domain/user". Right now, I have placed symbolic
> links inside the XSP root directory, to the public_html directories. It
> is working for a first try, but as I'm running XSP with root privileges,
> the users have root privileges and then there is no security.
> So my two questions:
> 1) Is there an easy way to avoid the security problem?
Make the users allow reading permission for everybody in all
files/directories under public_html.
> 2) Wouldn't it be much better to create an application for each user, or
> even allow the users to create their own applications? This would be
> great to provide "XSP web hosting". :-) Yesterday I asked this on IRC
> and there was some discussion on the possibility of adding applications
> to the XSP server without restarting it. Any thoughts? Maybe, if I use
> an Apache web server with mod_mono, would this be handled easier?
Adding an application for each user on request is easy. The problem is
that we have no means to change user privileges for an AppDomain/Thread