[Typo3-debian] Multihosting using the debian package
Michael Stucki
mundaun at gmx.ch
Sat Jun 14 17:36:39 CEST 2003
Hi Edelhard,
> what (i think) Steffen wanted to know (but at least interests me) is
> the scenario of a Webhoster with the usual Apache based shared hosting
> and who wants to offer Typo3 as an option. Could the base and
> installer packages be put on the public server and each customer
> (assumed [s]he has shell access and an own mysql id) would call the
> installer for each Typo3 site below his/her local webspace? Or would
> there be any security issues?
OK, I see the point.
I think the easiest way to assure this is to dissallow symlinks to users.
Another idea could be to disable shell access for this user...
I think TYPO3 offers so many features for file upload etc. that people
wouldn't need FTP or any access (except HTTP, of course) at all!
> Or would it be more secure for each customer to have a complete
> installation in (something like) a chroot'ed environment?
Never worked with that. Maybe it's a good idea, but I cannot rate this
without any knowledge.
What I think is that this function should not be part of the package. In my
opinion this is at most a part of the documentation...
However I even don't see how we could handle this restricted source access.
Any ideas?
Cheers - michael
More information about the TYPO3-debian
mailing list