[lug] LAMP FTP setup
Bear Giles
bgiles at coyotesong.com
Wed Jun 6 07:14:27 MDT 2007
Nate Duehr wrote:
> I think most hosting providers these days agree... give the end-user a
> whole "machine" they can mess with, but the majority won't ever even
> ask for shell access... but if they "break out" and wander around
> their own filesystem, so what? Everything in the virtual machine is
> "theirs".
That's overkill for sites that are just a handful of static pages.
Dynamic sites can have the opposite problem. Those virtual systems have
to be pretty hefty if each needs to run its own database server, or even
J2EE/ASP app server. The obvious solution is a common database server
made available to all virtual sites as part of the basic package, but
you have to be ready to handle the guy who's a victim of sql injection
(or who is outright malicious). You might be able to do that with
oracle, postgresql, etc. -- put each user in their own schema, not just
their own database, and use 'restrict' to limit access to each user and
the system operators. You'll also want to enable quotas to keep some
bozo from putting gigabytes of data into the database. (Think image and
pdf blobs.)
You can't even assume that any site needing these resources must be a
big enough to justify the expense of a beefed-up virtual server, but
that's a circular argument since the entry cost discourages people from
putting much effort into open projects due to the small potential
audience. There are a few, but you have to search for them.
More information about the LUG
mailing list