From owner-freebsd-questions@FreeBSD.ORG  Fri Jan  2 05:29:48 2004
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 028C616A4CE
	for <freebsd-questions@freebsd.org>;
	Fri,  2 Jan 2004 05:29:48 -0800 (PST)
Received: from server.tcslea.org (server.tcslea.org [205.238.132.218])
	by mx1.FreeBSD.org (Postfix) with ESMTP id E58F743D62
	for <freebsd-questions@freebsd.org>;
	Fri,  2 Jan 2004 05:29:45 -0800 (PST)
	(envelope-from bsdnewbie@coolarrow.com)
Received: from max3-40.ip.realtime.net ([205.238.179.40] helo=system)
	by server.tcslea.org with esmtp (Exim 4.24; FreeBSD)
	id 1AcPMz-000IqN-Ra
	for freebsd-questions@freebsd.org; Fri, 02 Jan 2004 07:29:42 -0600
Message-ID: <200401020729330294.07EE5925@coolarrow.com>
X-Mailer: Courier 3.50.00.01.1091 (http://www.rosecitysoftware.com) (P)
Date: Fri, 02 Jan 2004 07:29:33 -0600
From: "Chris" <bsdnewbie@coolarrow.com>
To: freebsd-questions@freebsd.org
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
X-AntiAbuse: This header was added to track abuse, please include it with any
	abuse report
X-AntiAbuse: Primary Hostname - server.tcslea.org
X-AntiAbuse: Original Domain - freebsd.org
X-AntiAbuse: Originator/Caller UID/GID - [0 0] / [26 6]
X-AntiAbuse: Sender Address Domain - coolarrow.com
Subject: Jails for websites
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>,
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>,
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Fri, 02 Jan 2004 13:29:48 -0000

5.1

I have a server with 5 public IP addresses, so I'm thinking I'll set it up=
 with one IP for the server (as a host) and the other 4 assigned to 4=
 jails. The jails are for websites...

>From a security standpoint, wouldn't it be better to run four instances of=
 ftpd (one in each jail), as opposed to one instance on the host server?

And from a security standpoint, should I run apache from the host server,=
 where I can configure mod_security the way I want, or just run individual=
 apaches inside each jail and let the website owners configure it the way=
 they want?

I like the idea of running things inside the jail, and recognize that if=
 the webmaster of the site configures it wrong, it's their problem not=
 mine, but is the jail secure enough to allow them that much access?

I have heard of hosting sites selling "virtual dedicated servers" by giving=
 someone root access to a jail, so I'm thinking jails are fairly secure.=
 Anyone with experience in this that can give me advice?

Thanks,
Chris