[Mono-list] Re: XSP / mod_mono / Apache Question

[Robert Jordan]

Christopher,

> [snip]
>>> Completely insecure mass hosting if you are have multiple clients and not 
>>> writing all the code yourself.  There's ways to solve this, but it's worth 
>>> noting.
>>
>> It's even worth to write them down, unless already documented:
> Not quite sure I understand what you're trying to say here, but I'll take a 
> guess..  Any real security focus for mod_mono is a different topic altogether.  
> (Which has been at least briefly touched on if you read the archives.  So yes it 
> has been written and noted before.) I was trying to make sure that people are 
> aware that under certain circumstances you have to take additional measures to 
> protect mass hosting sites.
>>
>>     http://www.mono-project.com/Mod_mono
>>
>> "Multiple Applications, Multiple mod-mono-servers"
>>
>> Are you taking additional steps to secure the vhosts/apps?
> Most certainly.

Would you mind to share the additional measures with the community?

Thanks!

Robert