Multiple accounts sharing same public_html, without security issues?

For some reason it wouldn't let me edit, so here's the revised version making my intentions clearer.

Hey everyone,

I have a project ahead of me and need to figure out the capabilities of cPanel in these regards; perhaps it'll be a fun intellectual exercise for Michael, InfoPro and other CP staff and users

Show/Hide: System Env Specs

[root@whmcf01 ~]# grep '' /etc/redhat-release /usr/local/cpanel/version /var/cpanel/envtype ; grep CPANEL= /etc/cpupdate.conf
/etc/redhat-release:CloudLinux release 7.6 (Vladimir Lyakhov)
/usr/local/cpanel/version:11.70.0.62
/var/cpanel/envtype:xen hvm
CPANEL=11.70

I have a proprietary SAAS CMS web application that I'm attempting to deploy for each of our users via cPanel. Think of it as a softaculous type deploy-able setup, except it modifyies the document root and makes it so the users can't access any of the data unless it's through our CMS web app.

Overview:

1. This SAAS CMS web application runs as a monolithic site, comprised of files only under public_html and a single database. So nothing complex going on there..
2. Each account needs read/write access to the shared set of public_html files and database.
3. Each account cannot have direct access to the shared files / database. (i.e. disable web related UI, SSH etc.) I don't want them seeing the proprietary data.
4. Each account must retain the typical cPanel access to DNS, Email, etc. Essentially everything not webfile/database related.
5. If possible, make the solution so that other "regular users" aren't adversely affected.
6. If possible, make it user run in their own environment (cagefs/run pid as per user)

How do you suggest I go about this?

I've contemplated:

• Perhaps creating an Apache include with the necessary variables and simply hiding access via features. (wishful thinking?)
• Copying the proprietary files under every users directory, and leave the database attached to the parent domain. (maintenance headache and security concerns)
• Combine everyone's thoughts together and create automated system of hook(s) / master of puppets that runs behind the scenes making constant edits and service restarts & reloads. (last resort)

Any insight would be greatly appreciated, thanks!

 

@cPanelMichael Thanks for the reply.

I must not have articulated my question correctly. See the attached images illustrating what I'm trying to accomplish.

Our CMS software is already deployed and running in a non-cpanel environment (for 10+ years now). What I'm trying to figure out is, how to make it work properly using cPanel.

I'm trying to figure out how to make it so all the cpanel accounts paying for our CMS software have filesystem access to the same files, but without letting the client (humans) have access to our proprietary code; all whilst having each site running as it's own user so CloudLinux LVE can ensure server stability.

 

Thanks, @Infopro whatever you looked at fixed the problem. I've edited and attached the two images to my previous reply. Feel free to take a quick peek at those pics to see what I'm trying to accomplish. You might have an obvious/immediate solution. Cheers!