So i had made an earlier post about installing CloudLinux and CageFS onto DO. Having just discovered DO’s VPC (Virtual Private Cloud) aren’t the two offering the same? Essentially VPC is what CageFS is? CageFS: https://docs.cloudlinux.com/cloudlinux_os_components/#cagefs *“CageFS is a virtualized file system and a set of tools to contain each user in its own ‘cage’. Each customer will have its own fully functional CageFS, with all the system files, tools, etc. The benefits of CageFS are: Only safe binaries are available to user User will not see any other users, and would have no way to detect presence of other users & their user names on the server User will not be able to see server configuration files, such as Apache config files. User’s will have limited view of /proc file system, and will not be able to see other users’ processes At the same time, user’s environment will be fully functional, and user should not feel in any way restricted. No adjustments to user’s scripts are needed. CageFS will cage any scripts execution done via: Apache (suexec, suPHP, modfcgid, modfastcgi) LiteSpeed Web Server Cron Jobs SSH Any other PAM enabled service ”* VS DO’s VPC: https://www.digitalocean.com/docs/networking/vpc/ “A Virtual Private Cloud (VPC) is a private network interface for collections of DigitalOcean resources. VPC networks are private networks that contain collections of resources that are isolated from the public internet and other VPC networks within your account, project or between teams in the same datacenter region. This means your resources, such as Droplets and databases, can reside in a network that is only accessible to other resources in the same network.” Am I right?

Join the DigitalOcean Community

Join 1M+ other developers and:

Get help and share knowledge in Q&A
Subscribe to topics of interest
Get courses & tools that help you grow as a developer or small business owner

Join Now

Server won't boot

Question

cpu from 13% to 100% in one minute

Question

CageFS (Cloud Linux) vs VPC - Both the same?

Posted July 3, 2020 665

So i had made an earlier post about installing CloudLinux and CageFS onto DO. Having just discovered DO’s VPC (Virtual Private Cloud) aren’t the two offering the same? Essentially VPC is what CageFS is?

CageFS:

https://docs.cloudlinux.com/cloudlinux_os_components/#cagefs

*“CageFS is a virtualized file system and a set of tools to contain each user in its own ‘cage’. Each customer will have its own fully functional CageFS, with all the system files, tools, etc.

The benefits of CageFS are:

Only safe binaries are available to user
User will not see any other users, and would have no way to detect presence of other users & their user names on the server
User will not be able to see server configuration files, such as Apache config files.
User’s will have limited view of /proc file system, and will not be able to see other users’ processes

At the same time, user’s environment will be fully functional, and user should not feel in any way restricted. No adjustments to user’s scripts are needed. CageFS will cage any scripts execution done via:

Apache (suexec, suPHP, modfcgid, modfastcgi)
LiteSpeed Web Server
Cron Jobs
SSH
Any other PAM enabled service ”*

DO’s VPC:

https://www.digitalocean.com/docs/networking/vpc/

“A Virtual Private Cloud (VPC) is a private network interface for collections of DigitalOcean resources. VPC networks are private networks that contain collections of resources that are isolated from the public internet and other VPC networks within your account, project or between teams in the same datacenter region. This means your resources, such as Droplets and databases, can reside in a network that is only accessible to other resources in the same network.”

Am I right?

Add a comment