tag:support.appharbor.com,2010-11-23:/discussions/problems/75-securitysandboxingAppHarbor: Discussion 2012-06-12T16:42:05Ztag:support.appharbor.com,2010-11-23:Comment/48587332011-01-22T09:43:05Z2011-01-22T09:43:05ZSecurity/Sandboxing<div><p>Hi,</p>
<p>I'm happy to give you some insights on this. First off, the
build and application environments are completely separate from
each other. No servers are building and running applications at the
same time. The web servers running people's applications do host
multiple applications. Due to our multitenant architecture we've
taken measures that prevents people from accessing each others
environments - for instance, each application is run in it's own
application pool in IIS, using it's own application pool identity.
This identity is then used to scope access, preventing an
application pool user from accessing the files of any other
applications on the server.</p>
<p>New security holes in .NET, Windows Server etc., are discovered
from time to time and in order to address this, we make sure of our
servers are updated at all times.</p>
<p>If you have any inputs or encounter something that seems
troubling feel free to write us and we'll look at it immediately.
It's obviously very important to us, that our users trusts us and
we believe this is best archived by due diligence in designing our
platform and by having an open dialogue with our users.</p>
<p>Best regards,<br>
Rune<br></p></div>rune