Menu
I've spent more than a few hours humbling myself on the ACM ICPC's problem set archive, and I've wondered how the online judge is able to compile and run source code from any user and prevent malicious attacks to their system.
Are the compiled binaries run from some kind of limited sandbox? How would one go about setting up this kind of sandbox? What OS would you use? How would you launch a user's compiled executable?
883
You could run it in a Linux chroot jail, or link it against a libc that doesn't implement any file I/O.
110
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
