Secure Coding mailing list archives

Re: Re : virtual server - use jail(8) on FreeBSD


From: Crispin Cowan <crispin () immunix com>
Date: Fri, 02 Apr 2004 16:56:08 +0100


Serban Gh. Ghita wrote:


> First of all I did not express myself very clearly (for the ones who
> replied): I said virtual shared environment, not virtual machine, so I am
> not talking about VMware or other software like that.
> My main concern is the security in a server (e.g. webhosting provider),
> where multiple users are hosted, and everybody must be restricted from
> getting out of his own home.

Immunix SubDomain http://immunix.org/subdomain.html does exactly what 
you want. You can write a profile per CGI script that describes the set 
of files the script may read, write, and execute. The profile is written 
using regular expressions, so you can add flexibility to it. The profile 
can be applied as a global default, or per script. It can even be 
applied when you are using mod_perl or mod_php, when there is no actual 
call to exec(). Here's a screen shot of what a profile looks like 
http://immunix.org/subdomain.html



> The jail(8) solution seems fair to me, because I use FreeBSD on all
> servers,


That is unfortunate, as SubDomain is linux only.

To those complaining that this has nothing to do with "secure coding," I 
disagree. This is a meta-language describing the permitted behavior of 
applications. It is secure coding in another form, with several 
attractive properties:


   * It is a meta-language, so it does not interfere with the structure
     of the base program.
   * It can be applied to closed-source binaries.
   * It is purely declarative, so it is easy to construct assurance
     arguments based on the content of the SubDomain profile.

Crispin

--
Crispin Cowan, Ph.D.  http://immunix.com/~crispin/
CTO, Immunix          http://immunix.com
Immunix 7.3           http://www.immunix.com/shop/
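What a per-script profile of the kind Crispin describes looks like, as an added illustration that is not from this message or the Immunix site: the page only links to a screenshot, so the syntax here is that of AppArmor (the later name of SubDomain, now in the mainline Linux kernel), and the script, vhost and customer names are invented. The first profile confines a CGI script; the second shows the "no exec() to hook" case, where code running inside Apache via mod_perl or mod_php is confined by switching into a hat (a sub-profile) per customer.

```apparmor
# Added example in AppArmor (ex-SubDomain) profile syntax. Paths, script
# and customer names are hypothetical; nothing here is from the original post.
#include <tunables/global>

# Anything not listed is denied, so a script that is tricked into opening an
# arbitrary path (e.g. ../../other_customer/config.php) gets EACCES rather
# than the file, and the denial is logged.
/usr/lib/cgi-bin/guestbook.cgi {
  #include <abstractions/base>
  #include <abstractions/perl>

  # the script itself and its read-only templates
  /usr/lib/cgi-bin/guestbook.cgi             r,
  /var/www/vhosts/alice/templates/**         r,

  # the single file it is allowed to write
  /var/www/vhosts/alice/data/guestbook.db    rw,

  # exec with transition to sendmail's own profile (P) and a scrubbed
  # environment; 'ix' would instead keep it under this profile
  /usr/sbin/sendmail                         Px,

  # redundant (default deny) but documents intent and keeps the audit log
  # quiet when a probe walks other customers' homes
  deny /home/** rwx,
}

# In-process code (mod_perl, mod_php): httpd is confined by one profile and
# the Apache module calls change_hat to enter the ^customer sub-profile for
# the request, so each vhost sees only its own tree without any exec().
/usr/sbin/httpd {
  #include <abstractions/base>
  #include <abstractions/nameservice>

  /etc/httpd/**                   r,
  /var/log/httpd/*                w,
  /var/www/vhosts/*/htdocs/**     r,
  network inet stream,

  ^alice {
    #include <abstractions/base>
    /var/www/vhosts/alice/htdocs/**   r,
    /var/www/vhosts/alice/data/**     rw,
  }

  ^bob {
    #include <abstractions/base>
    /var/www/vhosts/bob/htdocs/**     r,
    /var/www/vhosts/bob/data/**       rw,
  }
}
```

A profile is loaded with `apparmor_parser -r <profile-file>`; adding `flags=(complain)` after the profile path logs violations without enforcing them, which is the usual way to collect the file set a script actually needs before switching it to enforce mode. Because the rules are declarative, the assurance argument Crispin mentions is simply a read of the file: the script can write exactly one path, and it can reach no other customer's data.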
