|
Ron Alford
ronwalf at umd.edu
Thu Feb 26 17:20:57 EST 2004
David McNab wrote: > > But I would really like to know what concerns shared web host admins > have about mod_python. Are there real security issues, whereby a > malicious python web app could do nasty stuff to 'neighbour' > accounts, or to the server itself? Or is there just a 'fear of the > unknown' issue? Or have hosting providers been fed some FUD along the > way? These arguments are probably true of all mod_*, but here are some reasons I wouldn't want to have untrusted users using mod_python: 1) You need to have seperate interpretters per user. Import hooks, module versions, and other things can all play havoc with other users. This really isn't such a big deal. Default is what, interpretter per virtual host? 2) Can't make use of apache threading. It would be really easy to import a .so module and cause the entire server to segfault. I've even done this with the standard library before (though my bug was heinous). 3) Remember that you're part of the same process as apache. Anything apache has stored in ram, and anything apache can touch is accessible to you. Given the last problem, if I were to host untrusted users and give them access to mod_python, I would have an apache server per user running under their account. Going this far, I'd probably go a little further and just give them their own virtual linux box. And as I've gone that far, I'll just put in a plug for http://www.johncompanies.com/ They've given me relatively cheap hosting on a nice box. I get to do with it as I please, and it's as reliable as I could wish for. -Ron
|