If I understand your use-case correctly, you have multiple virtual servers providing service through a single webserver and single php-fpm instance:
Code:
[virtual webserver A][virtual webserver B][virtual webserver C]
|
|
[webserver]
|
|
[php-fpm]
Considerations:
- If the webserver is httpd(8), it operates in a chroot(2) at /var/www by default. Each virtual server can have a separate document root, but the virtual servers are not otherwise isolated from each other in the filesystem.
- sshd(8) can isolate a user's access to a new filesystem root, either at or within a virtual server's document root. This *may* isolate that user from other virtual servers' documents, if the virtual servers have unique document roots. It will also prevent that user from accessing other structures within /var/www, such as /var/www/run, as well as any other directories in other parts of the OS filesystem.
- The php-fpm engine also runs chrooted in /var/www by default. Even so, there is certainly the possibility of interference in operation of the engine through uploaded scripts, as you intend to permit the untrusted user to upload and then run ANY php script the user desires. To mitigate some of these accepted risks caused by this, a separate php-fpm engine and separate back end database engines should also be considered.
If I don't understand, please correct me.