Hi.

I want to run a webhotel with php and mysql.

My problem is that this script would allow people to browse the whole disk and highlight php files that may contain password for accessing MySQL and other "secret" stuff.

I've heard of systems which does so that any user can only access its own kind of filesystem. Like a whole virutal server dedicated to one user. That'd be great if it also prevents his/hers script to view any other files than the one he/she owns him/herself.

But I don't have any clue on how to do that. I've been messing around with suPHP and other things for a while now, and I can't seem to solve this problem.

If someone please could guide me in the right direction, or perhaps show me another way to solve this, I'd appreciate it very much!

Thanks in advance,
Heia Tufte.

One idea would be to run, as you say, each user's (or all users') stuff in a virtual machine.

One such vm is UserMode Linux (which, to be fair, doesn't emulate a machine but only the OS (afaik)).

Another one is bochs (which emulates everything from bios and processor to... well, the kitchen sink).

I think UML is the better choice here--but other solutions might exist.

hth --Jonas

You can either use virtual servers, for example this one: http://www.linuxvirtualserver.org/

Or try to set up chroot environments for each user. Search The Fine Google for help.