Home → Support →

Security/Sandboxing

• Edit

mcintyre321

21 Jan, 2011 04:45 PM

Hi could you please explain a little bit about how different users code is isolated, both at build and compile time? Running msbuild against a .sln file and/or running an ASP application have plenty of scope for another user to run DOS or other malicious attacks on code executing on the same machine. Is everything hosted in a seperate environment?

I appreciate you are in beta so I shouldn't be trusting any secure code or customer details to appharbor yet, but some clarity on the protections in place wouldn't go amiss.

1. Support Staff 1 Posted by rune on 22 Jan, 2011 09:43 AM

   

   Hi,

   I'm happy to give you some insights on this. First off, the build and application environments are completely separate from each other. No servers are building and running applications at the same time. The web servers running people's applications do host multiple applications. Due to our multitenant architecture we've taken measures that prevents people from accessing each others environments - for instance, each application is run in it's own application pool in IIS, using it's own application pool identity. This identity is then used to scope access, preventing an application pool user from accessing the files of any other applications on the server.

   New security holes in .NET, Windows Server etc., are discovered from time to time and in order to address this, we make sure of our servers are updated at all times.

   If you have any inputs or encounter something that seems troubling feel free to write us and we'll look at it immediately. It's obviously very important to us, that our users trusts us and we believe this is best archived by due diligence in designing our platform and by having an open dialogue with our users.

   Best regards,
   Rune
   

   • Edit

2. rune closed this discussion on 22 Jan, 2011 09:43 AM.