I just found Docker ( http://docs.docker.io/en/latest/faq/ ). It seems sandboxing could be done with this easily.
Laszlo On Fri, Sep 20, 2013 at 10:08 PM, John Gordon <[email protected]> wrote: > In <[email protected]> Jabba Laci > <[email protected]> writes: > >> There are several questions: >> * What is someone sends an infinite loop? There should be a time limit. > > You could run the judge as a background process, and kill it after ten > seconds if it hasn't finished. > >> * What is someone sends a malicious code? The script should be run in a >> sandbox. > > You could run the judge from its own account that doesn't have access to > anything else. For extra security, make the judge program itself owned by > a separate account (but readable/executable by the judge account.) > > I suppose you'd have to disable mail access from the judge account too. > Not sure how to easily do that. > > -- > John Gordon A is for Amy, who fell down the stairs > [email protected] B is for Basil, assaulted by bears > -- Edward Gorey, "The Gashlycrumb Tinies" > > -- > https://mail.python.org/mailman/listinfo/python-list -- https://mail.python.org/mailman/listinfo/python-list
