Hello,

JP>The question is, what is the state-of-the-art approach for protecting data
JP>written to a file by mod_perl from being overwritten by an untrusted user?
JP>Is it possible to run all mod_perl things as a separate user (without
JP>having to keep two parallel apache installations)?

p>You don't need parallel installations, just parallel instances.
p>
p>One main server running on port 80 set up to proxy requests to the
p>relevant user's process.
p>
p>Individual users have their own httpd.conf set up with a unique port
p>under a unique user (themselves, for instance).

On an Internet-exposed system you don't necessarily want to permit those
httpds to run as actual users. Instead, it is probably safer to make a
number of unprivileged users (www-perl, www-username, www-php, or
whatever) that have no shells (or whatever other security restrictions you
are interested in) and have the httpds run as them. You can put them in
the same group as the related user (for example if user andrew is in group
andrew, you can create a www-andrew user with no shell, but in group
andrew so files can be shared).

This minimizes the damage a badly written CGI can do (blow away any group
writeable files in group andrew, for example, rather than blow away any of
user andrew's files plus do bad stuff masquerading as user andrew).

Humbly,

Andrew

----------------------------------------------------------------------
Andrew Ho               http://www.tellme.com/       [EMAIL PROTECTED]
Engineer                    1-800-555-TELL          Voice 650-930-9062
Tellme Networks, Inc.                                 Fax 650-930-9101
----------------------------------------------------------------------
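
The damage comparison made in the message above (httpd running as user andrew versus as a shell-less www-andrew in group andrew), as an added example that is not part of the original post. The uids, gids, paths and modes are constructed for illustration, and the check covers classic Unix mode bits only (no ACLs, no root).

```python
import os
import stat
from collections import namedtuple

# Constructed sample: (path, owner uid, group gid, mode). Assumed ids:
# andrew = uid 1000 / gid 1000 (group "andrew"), www-andrew = uid 2000.
Entry = namedtuple("Entry", "path uid gid mode")
SAMPLE = [
    Entry("/home/andrew/.ssh/authorized_keys", 1000, 1000, 0o100600),
    Entry("/home/andrew/notes.txt",            1000, 1000, 0o100644),
    Entry("/home/andrew/site/shared.db",       1000, 1000, 0o100664),
    Entry("/home/andrew/site/uploads",         1000, 1000, 0o040775),
    Entry("/home/andrew/site/counter.dat",     2000, 1000, 0o100640),
]

def can_write(entry, uid, gids):
    """Unix mode check: exactly one class applies (owner, else group, else other)."""
    if uid == entry.uid:
        return bool(entry.mode & stat.S_IWUSR)
    if entry.gid in gids:
        return bool(entry.mode & stat.S_IWGRP)
    return bool(entry.mode & stat.S_IWOTH)

def blast_radius(entries, uid, gids):
    """Paths a process with this uid and group set could modify. A writable
    directory means its entries can be deleted or replaced (absent a sticky bit)."""
    return sorted(e.path for e in entries if can_write(e, uid, gids))

def scan(root):
    """Build entries from a real tree (lstat, so symlinks are not followed)."""
    out = []
    for base, dirs, files in os.walk(root):
        for name in dirs + files:
            path = os.path.join(base, name)
            st = os.lstat(path)
            out.append(Entry(path, st.st_uid, st.st_gid, st.st_mode))
    return out

if __name__ == "__main__":
    # Same group membership, different uid: compare what each could damage.
    for label, uid in (("andrew", 1000), ("www-andrew", 2000)):
        print(label, blast_radius(SAMPLE, uid, {1000}))
```

Running `blast_radius(scan(path), uid, gids)` against a real home directory gives the same comparison for an actual account.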