Martin Atkins mart at
Tue May 24 21:23:41 PDT 2005

Brad Fitzpatrick wrote:
> On Wed, 25 May 2005, Phillip Pearson wrote:
>>One concern about this is that for the web server to be able to sign
>>requests, it has to be able to get at the private key.  If this is run
>>on a shared host, other users on that host are likely to be able to
>>read the key as well.  So while it helps make things more
>>*distributed*, it's not necessarily more *secure* - although some sort
>>of setuid wrapper would fix this, I suppose.
> That's a configuration problem.  Your host should have each Apache/PHP
> process owned by the uid/gid of each customer, and you guys shouldn't have
> access to see each other's files.

Hah! That's wishful thinking!

Every hosting company I know just has a few dozen customers all sharing 
one server running some bulk hosting software like Plesk, with one 
Apache process shared between the lot. The best it gets is a SUexec-like 
mechanism where the child processes change owner, but I wouldn't like to 
speculate on how common even that is.

(Side note to parent poster: there's no OpenSSL binary on the Plesk 
servers I have access to look at, either.)

More information about the yadis mailing list