in reply to Web Hosting for Monks
Great idea, jcwren, ++ for that one and good luck :)
Some security thoughts:
I'm not an ISP myself but I work for the University of Vienna, where we provide webspace (and mailing and much more) for about 40.000+ users. My advice: don't give them mod_perl or PHP. Plain CGI is ok, as long as the scripts run under the user-ID of the script's owner, and not under the Apache user-id, so the chance is minimal that someone messes around in someone elses stuff. Neither mod_perl nor PHP may run as any other user-ID than the webserver's, AFAIK.
Next, propagate ssh and scp over telnet and ftp.
And finally, introduce some kind of resource limit, like quotas and CPU-limits per user, so the pigs don't mess around to much.
Just my 0.02 Euro.
Some security thoughts:
I'm not an ISP myself but I work for the University of Vienna, where we provide webspace (and mailing and much more) for about 40.000+ users. My advice: don't give them mod_perl or PHP. Plain CGI is ok, as long as the scripts run under the user-ID of the script's owner, and not under the Apache user-id, so the chance is minimal that someone messes around in someone elses stuff. Neither mod_perl nor PHP may run as any other user-ID than the webserver's, AFAIK.
Next, propagate ssh and scp over telnet and ftp.
And finally, introduce some kind of resource limit, like quotas and CPU-limits per user, so the pigs don't mess around to much.
Just my 0.02 Euro.
In Section
Perl Monks Discussion