Consider using mpm_itk in place of suphp.
It appears to be much simpler and more secure, because not only is PHP
secured but every Apache process runs with the user's privileges.

Regards,
Alexey Kopytko

On Sun, 15 Apr 2007 11:24:05 +0200
"Adam Lantos" <hege@××××××.org> writes:

> Hello,
>
> I run a development server for our company (SFTP, web, php
> developments, mailing lists).
>
> -gentoo-hardened (grsecurity)
> -ldap database for user authentication
> -apache2+suphp
>
> I personally prefer Ldap over mysql because of its optimized
> performance, and scalability. Ldap is stable enough, and it's much
> more secure than mysql (using TLS for connections, you can set ACLs).
> You can store virtually anything related to users without bothering
> with database schemas - quotas, email accounts, database
> configurations, apache configuration and so on... Ldap is faster too
> because of the binary database backend it uses. And many more tools
> support Ldap, so you can use one password for sftp, one password for
> apache htaccess, ... easier than with mysql.
>
> With grsecurity/rsbac/rbac you can limit any aspect of clients
> (restrict client socket connections, /tmp usage, log audit events).
> Use chroot if you want to separate users strongly from each other.
>
> With the use of suPHP your customers can run their scripts with their
> privilege level. (So no world-writable files required, and the
> privileges of PHP are in your hands, customize it per customer.)
>
> Some things to consider:
> -FTP is insecure, because it sends the password in plaintext.
> -SFTP is better, but it uses more CPU. Set rssh shell, and customize
> pam. I think you don't want to give them full shell access.
> -If the LDAP is down, your whole hosting system becomes unusable. The
> same thing is with mysql, so it's not a big problem.
>
>
> yours,
> Adam
>
> On 4/15/07, Michael <mycroes@××××××.nl> wrote:
> > Hello all,
> >
> > I'm currently working on a hardened install for a web/mail-server.
> > Clients need to be able to upload their site content, either by ftp
> > or sftp... As I see it now, there are three options for user
> > management:
> > 1. Add real users to the system
> > 2. Add virtual users to a mysql db, use one user for files and let
> > programs use the database
> > 3. Use pam-mysql or nss-mysql to have the users in a database
> >
> > Personally I'd prefer using a database because of the management,
> > but I'm not considering security at all in this preference. I bet
> > some of you ran into the same problem and took one of the
> > approaches I mentioned above.
> >
> > Because clients are using php too I don't know if it's advisable to
> > use one user on the system and virtual users for ftp/sftp access.
> > Next to that it would be nice to have decent quota support, so in
> > that case I guess point 2 won't work...
> >
> > Anyway, I hope someone who used one of these methods on a production
> > server can tell some more about what's the best way to solve this
> > problem and why it's the best way.
> > Greetings,
> >
> > Michael
> >
> > --
> > gentoo-hardened@g.o mailing list
> >
> >
--
gentoo-hardened@g.o mailing list
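As an added illustration of the mpm_itk-versus-suPHP point raised at the top of the thread (this is editorial example configuration, not posted by anyone in the thread), here are the two per-customer privilege setups side by side; the user names alice/bob, host names and /var/www paths are assumed.

```apache
# Added example, not from the thread. Assumed: system users alice and bob,
# their sites under /var/www/<user>, and mod_php or the suPHP wrapper installed.

# --- Option 1: mpm_itk ----------------------------------------------------
# Every request for this vhost (static files, CGI, PHP alike) is handled by a
# child that has switched to alice's uid/gid, so nothing for this site is
# served as the shared Apache user and no world-writable directories are needed.
<VirtualHost *:80>
    ServerName alice.example.com
    DocumentRoot /var/www/alice/htdocs
    <IfModule mpm_itk_module>
        AssignUserID alice alice
    </IfModule>
    <Directory /var/www/alice/htdocs>
        Options -Indexes +FollowSymLinks
        AllowOverride AuthConfig Limit
    </Directory>
</VirtualHost>

# --- Option 2: suPHP ------------------------------------------------------
# Only PHP scripts are executed as bob (through the setuid suphp helper);
# everything else in the vhost is still served by the Apache user, so static
# content must stay readable by that user. suPHP_UserGroup is honoured in
# suPHP's force/paranoid setid modes; in owner mode the script's file owner
# is used instead, and suphp.conf's min_uid/min_gid still bound the result.
<VirtualHost *:80>
    ServerName bob.example.com
    DocumentRoot /var/www/bob/htdocs
    <IfModule mod_suphp.c>
        suPHP_Engine on
        suPHP_UserGroup bob bob
        AddHandler x-httpd-php .php
        suPHP_AddHandler x-httpd-php
    </IfModule>
</VirtualHost>
```

One caveat the thread does not mention: mpm_itk's children run as root until the request has been parsed far enough to pick the vhost, and only then setuid to the assigned user, so a bug in that early request handling would run with root privileges. Verify the isolation on a live host by looking at the uid of the Apache process serving a request for each site, not just at the PHP process.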