[CentOS] Running Apache sites as separate users

Fri Sep 30 14:15:37 UTC 2011
Jerry McAllister <jerrymc at msu.edu>

On Thu, Sep 29, 2011 at 08:22:59PM -0500, Trey Dockendorf wrote:

> I had a recent request to improve security on my web servers by having each
> website use a different user to run the hosting service.  So
> example1.comhas it's own Apache instance running as apache1 and then
> example2.com has its own instance of Apache as apache2.  Is this even
> possible or realistic?  I understand the idea of how that would be secure,
> much like creating a virtual machine to segregate services.  The only way I
> can think how this is done is to chroot each website.  What makes this
> request even stranger is that each website will be managed by the same CMS
> and code base.  So with that being the case, I don't see how this is
> possible.  Any ideas or insight are very welcome.

Used to do that a lot on FreeBSD.  It was just a virtual host.
We used separate IPs for each virtual host, but there are ways
to do it with name based virtual hosts.  I think name based VH
didn't work with https though.

I don't know if CentOS can do it though.

////jerry

> 
> Thanks
> - Trey
> _______________________________________________
> CentOS mailing list
> CentOS at centos.org
> http://lists.centos.org/mailman/listinfo/centos