I am looking to offer a free deployment system for Ruby web applications (based on Rack and not Ruby on Rails). Essentially, I will allow users to upload a file with their app, and the app will show at http://user.domain.com

While I am trying to parse what is uploaded as an app, the only way to be sure that this will not create any damage is isolation. I plan to achieve this with a FreeBSD jail.

The first problem is that we will have a single IP. I am not sure if these two methods are appropriate for multiple apps that all need to run on port 80:

http://blog.burghardt.pl/2009/01/multiple-freebsd-jails-sharing-one-ip-address/

http://www.bsdtips.org/index.php/Giving_a_jail_multiple_IPs_with_pf_and_NAT

The template with a standard Ruby install can possibly be done with http://erdgeist.org/arts/software/ezjail/

The question is whether this setup would be appropriate, or whether I would need an nginx reverse proxy setup?

Will the Ruby app running in a jail be guaranteed not to create any damage for other users/the server?

What would be the recommended setup to achieve this multi-hosting environment with FreeBSD + jail?

jirib
devnull

1 Answer

You would need nginx acting as a reverse proxy if you only have the single public IP and you want to have the applications jailed. However, the effect of this is that all access from the jail's perspective will be from the host, so the user applications could have inaccurate information if they rely on that in any way. You can use proxy_set_header in nginx to set a standard proxy header like X-Forwarded-For, and make sure your users know that the correct information is located there.

Linux has support for something known as transparent proxying which allows an application to spoof the source IP on a packet as it passes through a host. There is basic support for this in FreeBSD, but it is only available to root, as no access controls have been added to allow a user to control this. The kernel can be patched to allow any user to spoof packets, but this is a security risk, so you need to consider what works best for your environment.

> Will the ruby app running in a jail be guaranteed not to create any damage for other users/the server?

Jails are a fairly secure way of mitigating risk to the host server from services running on it. There have been "jail breaks" in the past, but I don't believe there have been any recently. There are also configuration mistakes that can be made that could make a jail break possible. However, ezjail is mature and should get you set up with a safe environment.

Consider though that there is potential for damage to be done within the jail, and you'll need to think of how exactly you can detect that something against your terms of use is being done.

brent
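As an added illustration of the X-Forwarded-For point in the answer above (not code from the question or the answer): a Rack middleware a jailed app could use to recover the client address while accepting the header only from the host's nginx. It assumes the host connects to the jail from 10.0.0.1, that nginx sets the header with `$proxy_add_x_forwarded_for` (or `$remote_addr`), and uses a hypothetical env key `app.client_ip`.

```ruby
require "ipaddr"

# Rack middleware for an app in a jail behind the host's nginx reverse proxy.
class ProxiedClientIp
  # trusted_proxies: addresses nginx connects from (10.0.0.1 is an assumed value).
  def initialize(app, trusted_proxies: ["10.0.0.1"])
    @app = app
    @trusted = trusted_proxies.map { |p| IPAddr.new(p) }
  end

  def call(env)
    env["app.client_ip"] = client_ip(env) # hypothetical key for downstream code
    @app.call(env)
  end

  # nginx appends the peer it saw to the right of whatever the client sent,
  # so walk right to left and stop at the first address that is not a proxy.
  def client_ip(env)
    peer = env["REMOTE_ADDR"].to_s
    return peer unless trusted?(peer) # not from the proxy: ignore the header
    hops = env["HTTP_X_FORWARDED_FOR"].to_s.split(",").map(&:strip)
    hops.reverse_each do |hop|
      return peer if parse(hop).nil?  # malformed entry: fall back to the peer
      return hop unless trusted?(hop)
    end
    peer
  end

  private

  def parse(text)
    text.empty? ? nil : IPAddr.new(text)
  rescue ArgumentError
    nil
  end

  def trusted?(text)
    ip = parse(text)
    !ip.nil? && @trusted.any? { |net| net.include?(ip) }
  end
end

# Constructed sample request: the client supplied "1.2.3.4" itself and nginx
# appended the address it actually saw, 198.51.100.7.
app = ProxiedClientIp.new(->(env) { [200, {}, [env["app.client_ip"]]] })
forged = { "REMOTE_ADDR" => "10.0.0.1", "HTTP_X_FORWARDED_FOR" => "1.2.3.4, 198.51.100.7" }
puts app.call(forged)[2].first
```

Entries to the left of the one nginx appended are client-controlled, which is why the leftmost value is never used for logging or abuse handling here.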