Security Issues of Virtual Hosting
It is important to consider some of the security issues that relate to virtual
hosting. Because the Virtual Hosts operate in the same Virtual Server Environment,
CGI scripts that are executed by any Virtual Host will inherit privileges
to access any directory or file in your Virtual Server directory hierarchy.
For example, a malicious Virtual Hosted client could write a simple script
to remove all of the files on your Virtual Server. Another script could
send the contents of your ~/etc/passwd
file to a remote email address where "weak" passwords could be decrypted.
If your login password is susceptible to a dictionary cracking program,
a subhosted client could effectively steal shell access away from you.
We recommend that you do not offer unrestricted cgi-bin access to your Virtual
Hosted clients unless you have complete trust in them (even then, they may
accidentally cause damage to your Virtual Server). We recommend one of the
We recognize that in most cases it is likely that not only are you providing
your clients with hosting service, but you are also designing their web
content and writing their CGI scripts as well. So this discussion may not
be applicable to your specific situation, but it is still an element to
remember should you decide to expand the scope of your services in the future.
- Provide stock CGI scripts in a directory
Most web sites do not demand a great deal of custom CGI programming.
It is likely that you could provide a library of "stock" CGI scripts
which your subhosted clients could then use. A sample composition of
such a library might include: a counter, a guestbook, and a generic
form processor. You would store these scripts in a subdirectory of your
cgi-bin directory (e.g. vhlib). You would then configure each of your
Virtual Hosts to use this cgi-bin directory by adding the following
lines to their <Host>
definition to your httpd.conf
- Configure the cgi-bin directory separate
from the hosts' home directory
Another alternative is to provide your subhosted clients with a cgi-bin
that is not a subdirectory in their home directory. This would prohibit
them from uploading and executing any arbitrary script. Instead, the
subhosted client would email you the script, you would review it, and
then install it into their cgi-bin directory (which can be configured
to be a subdirectory of your main cgi-bin directory). An example of
what you would add to your httpd.conf
file is shown below:
/cgi-bin/ /www/httpd/cgi-bin/SUBDIR/ Where the subdirectory SUBDIR becomes the cgi-bin directory
for the subhosted client (you may want to use the same directory name
for both the ~/www/vhosts
and ~/www/cgi-bin to
keep things organized).
At this time "CGI-wrappers" are not compatible with the
Virtual Server system since you do not have root
access to the server.