[lug] LAMP FTP setup

Bear Giles bgiles at coyotesong.com
Wed Jun 6 07:14:27 MDT 2007

Nate Duehr wrote:
> I think most hosting providers these days agree... give the end-user a 
> whole "machine" they can mess with, but the majority won't ever even 
> ask for shell access... but if they "break out" and wander around 
> their own filesystem, so what?  Everything in the virtual machine is 
> "theirs".
That's overkill for sites that are just a handful of static pages.

Dynamic sites can have the opposite problem.  Those virtual systems have 
to be pretty hefty if each needs to run its own database server, or even 
J2EE/ASP app server.  The obvious solution is a common database server 
made available to all virtual sites as part of the basic package, but 
you have to be ready to handle the guy who's a victim of sql injection 
(or who is outright malicious).  You might be able to do that with 
oracle, postgresql, etc. -- put each user in their own schema, not just 
their own database, and use 'restrict' to limit access to each user and 
the system operators.  You'll also want to enable quotas to keep some 
bozo from putting gigabytes of data into the database.  (Think image and 
pdf blobs.)

You can't even assume that any site needing these resources must be a 
big enough to justify the expense of a beefed-up virtual server, but 
that's a circular argument since the entry cost discourages people from 
putting much effort into open projects due to the small potential 
audience.  There are a few, but you have to search for them.

More information about the LUG mailing list