Forum: Rails deployment suexec for mongrel?

Announcement (2017-05-07): www.ruby-forum.com is now read-only since I unfortunately do not have the time to support and maintain the forum any more. Please see rubyonrails.org/community and ruby-lang.org/en/community for other Rails- und Ruby-related community platforms.
Scott M. (Guest)
on 2007-05-19 05:47
Hello.

Does mongrel support a 'suexec'-like mechanism for executing code with
the privileges of a specific user?

Consider the following scenario:

A Linux server has a large number of web-hosting accounts, each
corresponding to a separate Apache virtual host. We wish to use a single
Rails application to allow users to edit their personal account settings
(i.e. modify files that they own in their account).

As there is only ever one Rails administration application, it makes
sense to deploy one mongrel_cluster to run this. We can then use Apache
mod_proxy_balancer to expose this application as a URL within the client
account's domain, for example: http://www.myhost.com/admin/

Now, the problem we have is that the mongrel cluster is running as user
'mongrel', and this user does not have access to the private files owned
by the user that are to be manipulated by the administration
application.

With a regular PHP web-app, this problem would be resolved by running
the application via suexec, thereby giving the application access to
edit the user's files (and also preventing access to other user's
files).

How can I do a similar thing with Rails and mongrel as the preferred
Rails deployment method?

At the moment I see two options:

(1) Run the application as a separate mongrel_cluster for each user.
This solves the user permissions problem, but has the unacceptable
drawback of requiring a huge amount of resources (processes, ports,
memory, etc) to run hundreds of mongrel instances of the same
application (which is only ever accessed by users occasionally).

(2) Add the 'mongrel' user to each user's unix group. This solves the
problem of letting the administration application access each user's
private files, however has the drawback of a single point of failure - a
security breach of the Rails app gives a malicious user access to files
in ALL accounts!

Now an ideal third option would be if mongrel supported a 'suexec' like
feature, that allowed specific requests to be executed with specific
user privileges. This would resolve the permissions problem and also
minimise resource wastage by preventing the need to run multiple
instances of the same application.

Does anyone know if such a 'suexec' type feature exists for mongrel, or
if one is even planned?

Thanks for any help you can give with this.
Scott
This topic is locked and can not be replied to.