1 research outputs found
Securing a Linux-based Multi-User Web Server
A commonplace solution for putting a web site on-line at
a reasonable cost is hosting, that is placing it on a shared
server, together with other sites. Hosting providers face
significant security problems, both in terms of avoiding
misuse of their servers by \u201cguests\u201d, and in terms of
providing effective isolation between them; the
Discretionary Access Control model implemented by
traditional operating systems can fail to provide adequate
solutions to these problems. This work describes a system
based on the integration of the widely adopted
Apache/PHP platform with the powerful Mandatory
Access Control features offered by the Security-Enhanced
Linux project. The resulting solution combines a sound
approach to the most common security problems with a
very tolerable impact on system administration
complexity