On Fri, Mar 14, 2014 at 03:50:09AM +0100, Martin Braun wrote: > Hi > > I have recently experienced a server being "hacked" due to a security > problem with a PHP application that made it possible for the "hacker" to > gain a web shell. > > Due to this experience I would like to know what the best way to limit such > problems is, especially when hosting web servers for users who may or may > not installed unsecure applications on the web server. > > What does the big hosters do? What do they use? > > The solution can't be too complecated to maintain and I would prefer each > user being completely seperated from the main OS and from other users. > > I have been thinking about running Debian inside FreeBSD Jails or "The > Warden". I have also been thinking about using Xen and installing several > Debians on Debian.
Nginx/Apache on OpenBSD runs in chroot. I think it is wise to see how they doing that. -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/20140314172905.GA9135@localhost
