[Cialug] minimizing exposure with web hosting
Josh More
MoreJ at alliancetechnologies.net
Mon Aug 2 10:35:16 CDT 2010
Try adding a umask line to /etc/apache2/envvars
-Josh More, CISSP, GIAC-GSLC, GIAC-GCIH, RHCE, NCLP
morej at alliancetechnologies.net<mailto:morej at alliancetechnologies.net>
515-245-7701
________________________________
From: cialug-bounces at cialug.org [cialug-bounces at cialug.org] on behalf of Matthew Nuzum [newz at bearfruit.org]
Sent: Monday, August 02, 2010 10:33
To: Central Iowa Linux Users Group
Subject: [Cialug] minimizing exposure with web hosting
Hi, I'm working on providing a free web-hosting service to local developers who need a playground. I'm calling it the "web hosting lending library" because it works like a library. You check out one of the sites for 2 weeks and you can renew it if slots are available.
The service provides PHP, CGI, Rails, Django/wsgi, MySQL, MongoDB and Memcached support.
Currently I'm only intending to allow webdav access because my initial thinking was that it minimized my security exposure. However this presents problems with cgi, rails and django. CGI because I can't figure out how to chmod+x using webdav. For to make any non-trivial apps with rails and django you need shell access to run rake db:migrate or manage.py syncdb.
So now I'm stuck with figuring out a clever solution to enable devs to do these commands.
Or maybe I should rethink the logic behind my sense of security.
I'd love to hear your thoughts on ways to accommodate solutions. I'm really looking for something easy to setup and maintain to provide this service to people that I have a moderate level of trust in.
BTW, I'm calling this a limited beta now. If you're interested in trying it out, please contact me and I'll set you up. I'm working on the disclaimer still but it's going along the lines of "don't screw up my server or do stupid stuff like spam people; it's only for dev / experimenting purposes."
I've talked to numerous people who want to try out mongo or rails or django and need some semi-public playground, so that's what this is aiming to provide.
--
Matthew Nuzum
newz2000 on freenode, skype, linkedin, identi.ca<http://identi.ca> and twitter
"Never stop learning" –Robert Nuzum (My dad)
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://cialug.org/pipermail/cialug/attachments/20100802/e27151d4/attachment.htm
More information about the Cialug
mailing list