• HomePage
• SideBar

Installation

• Debian
• CentOS
• Gentoo
• Mac-OS
• FreeBSD
• Ubuntu

Upgrades

• Debian Etch to Lenny
• DTC-Xen Squeeze

DTC-Xen Installation

• A server with DTC-Xen
  • RAID1 and LVM
  • The xen kernel
  • DTC-Xen
  • Customization
  • Big partitions (> 2TB)
  • OS and appliances
• Debian
• CentOS

FAQ

• FAQ

Howtos

• SBOX and DTC
• Backup MX and NS
• Writing a Packager
• Debian PureFTP fix
• FTP Backup
• Scripting DTC
• Your first steps
• Disaster recovery
• New Server Migration
• Renewing pop3 ssl certs
• Setting up smtp tls
• Tuning your Mysql
• Dirvish & Automysqlbackup
• Setup Open VPN quickly
• Rename your DTC VPS
• Rename your DTC Xen Host
• Change your DTC Main IP Address
• Customer SSL Certs
• Change PHP Safe Mode
• Change Directory Index for Domain
• Managing The Mail System
• Setup Test DTC System
• Setup Netflow Traffic Monitoring
• Setup a Nagios Monitoring System
• Keep Your System Up to Date
• How do Custom products work

Manuals

• Users
• Administrators

Features

• General
• Admin
• Client

Roadmap

• Roadmap
• IPv6 Roadmap
• Virtualization

Devel docs

• Translating DTC
• Directory Structure
• The installer
• Adding fields SQL
• Config values of the panel
• Template system
• Git help
• Plugins
• Build the Package
• About Xen VM image packaging

Wiki - i18n

• Francais
• Brazilian
• 中文
• Español
  • Instalación de DTC

Wiki - Meta

• Search site
• All recent changes
• Preferences

• View
• Edit
• History
• Print
• Backlinks

Using CGI-BOX and dealing with the SBOX protection

DTC is made so it's possible to use it for shared hosting purpose. That means that CGI-BIN has to be secured in some way. You might know that as-is, CGI-BIN are dangerous in shared hosting, because with it you could access to virtualy all the server files. That's why we use SBOX that does the chroot, chuid, and also cpu, memory and file-access limitations.

That means that if you want to run a perl script for a CGI that is hosted with DTC with SBOX activated, then you need to upload all the perl libraries inside that vhost chroot disk. In fact, you need to upload all the files and library that your CGI might use. It's a pain, but the counterpart is that it's possible to completly customize a CGI-BIN environement and be sure that it's TOTALY SAFE to use it. You could even run a different version of PHP than the system version (the cgi version) if you upload it (I did it and it worked pretty well).

That being said, if it's YOURS cgi-bin and that you trust yourself (of course you do), you can disable SBOX for a domain. Go in the domain configuration of an admin, and then click on the SBOX-Protection link to set it to "no". Once you done it for a domain, you can then disable it for all of it's subdomains. So once disabled for a particular domain, you need to go on the subdomain you want to disable SBOX for, and there a new radio button will appear that allows you to disable SBOX.