On 2008-04-17 12:41:34 +0200, Fabien Schwob wrote: > I would like to provide a memcached instance to each user on a shared > hosting. Is there a solution to do that : > > * if memcached is on the same server as the web server
Use a unix domain socket and set the permissions accordingly.
> * if memcached is on another server
This is more complicated. If you run memcached on machine M and want to
restrict access to user U on machine W, you cannot do this on M, since
an incoming TCP connection doesn't contain information about the user.
You may be able to restrict outgoing connections on W to user U,
depending on the OS (it works on Linux).
But in that case I'd use a different scheme: Tell your users to choose a
hard to guess prefix (for example, 16 random letters or digits) for
their keys. This will ensure that users cannot read or modify each
other's data unless they are told or can guess the prefix.
hp
--
_ | Peter J. Holzer | It took a genius to create [TeX],
|_|_) | Sysadmin WSR | and it takes a genius to maintain it.
| | | [EMAIL PROTECTED] | That's not engineering, that's art.
__/ | http://www.hjp.at/ | -- David Kastrup in comp.text.tex
signature.asc
Description: Digital signature
