
How to run a program under Windows with limited memory/CPU time?

It started with this question, followed up with this question and now led to the present one. :)

The task is as follows: make a Windows program that will run another program in a limited environment. The other program cannot be trusted, so it has to be ready for hackish code. More specifically:

  • Limit the available memory to some X MB (given as a parameter);
  • Limit the available execution time to some X milliseconds (given as a parameter). Note that this is the Kernel Time + User Time, but not Idle time. On the other hand, Idle time also has to be limited so that the program cannot Sleep() infinitely.
  • Upon program's termination report the CPU time it actually spent, as precisely as possible. Milliseconds would be good, centiseconds acceptable, less than that would not be nice. CPU cycles would be ideal.
  • If the program crashes, report some information about the crash (the more the better, but don't go overboard with stack traces and the like).
  • Preferably capture all the output of the program and report that too;
  • The program is supposed to be using just the current directory, plus maybe some mandatory .DLLs from SYSTEM32 (like kernel.dll, user32.dll, etc.). Limit access to anything else as much as possible. Accessing things like registry and network should not be needed (unless the mandatory .DLLs require it). The less access, the better.

This will be needed for a computing olympiad support software. This program will run the participants' submissions on the central server, so you can expect pretty much anything there. Crashes will be routine, and some hacking attempts can be expected too.

So - how would you go about making such a program? What would you use? In the previous topics (see above) it has become clear that attaching as a debugger is a bad idea, although perhaps I'm simply too clumsy.

Vilx- asked Feb 10 '09 13:02


1 Answer

You are pretty much building the same process model as IIS - fun! I would use the same tools that IIS uses; it's relatively robust against hacking and it's designed to partition your system up into many concurrent jobs.

You can use Win32 Jobs to set quotas for memory, CPU, threads and you can set up a security context for different processes to run in, thus limiting access to the file system.

For monitoring, I would look at WMI.

For a stack trace when hanging or crashing, I have used ADPlus, again from Microsoft.

For capturing console output, check out Creating a Child Process with Redirected Input Output.

Regarding security restrictions, create a low privilege user account and run the job / process as that user.

Maurice Flanagan answered Sep 30 '22 15:09
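The job-object approach from the answer above, sketched as an added example (not code from the original question or answer): a memory and CPU quota set on a job, the untrusted program started suspended so it never runs outside the job, a wall-clock timeout to bound Sleep(), and kernel + user time read back afterwards. `build_limits` and `run_limited` are hypothetical names, and the launcher assumes CPython on Windows.

```python
import ctypes as ct
import subprocess

PROCESS_TIME, ACTIVE_PROCESS, PROCESS_MEMORY = 0x2, 0x8, 0x100  # JOB_OBJECT_LIMIT_* (winnt.h)
DIE_ON_UNHANDLED_EXCEPTION, KILL_ON_JOB_CLOSE = 0x400, 0x2000
EXTENDED_LIMIT_INFO, CREATE_SUSPENDED = 9, 0x4  # JobObjectExtendedLimitInformation

class BasicLimits(ct.Structure):      # JOBOBJECT_BASIC_LIMIT_INFORMATION
    _fields_ = [("PerProcessUserTimeLimit", ct.c_int64), ("PerJobUserTimeLimit", ct.c_int64),
                ("LimitFlags", ct.c_uint32), ("MinimumWorkingSetSize", ct.c_size_t),
                ("MaximumWorkingSetSize", ct.c_size_t), ("ActiveProcessLimit", ct.c_uint32),
                ("Affinity", ct.c_size_t), ("PriorityClass", ct.c_uint32), ("SchedulingClass", ct.c_uint32)]

class ExtendedLimits(ct.Structure):   # JOBOBJECT_EXTENDED_LIMIT_INFORMATION
    _fields_ = [("Basic", BasicLimits), ("IoInfo", ct.c_uint64 * 6),
                ("ProcessMemoryLimit", ct.c_size_t), ("JobMemoryLimit", ct.c_size_t),
                ("PeakProcessMemoryUsed", ct.c_size_t), ("PeakJobMemoryUsed", ct.c_size_t)]

def build_limits(mem_mb, cpu_ms):
    lim = ExtendedLimits()
    lim.Basic.LimitFlags = (PROCESS_TIME | ACTIVE_PROCESS | PROCESS_MEMORY
                            | DIE_ON_UNHANDLED_EXCEPTION | KILL_ON_JOB_CLOSE)
    lim.Basic.PerProcessUserTimeLimit = cpu_ms * 10_000  # 100 ns ticks, user mode only
    lim.Basic.ActiveProcessLimit = 1                     # child may not spawn helpers
    lim.ProcessMemoryLimit = mem_mb * 1024 * 1024        # committed bytes
    return lim

def run_limited(cmd, mem_mb, cpu_ms, wall_ms):  # Windows only; returns (exit_code, cpu_ms, output)
    k32 = ct.WinDLL("kernel32", use_last_error=True)
    k32.CreateJobObjectW.restype = ct.c_void_p
    job = ct.c_void_p(k32.CreateJobObjectW(None, None))
    lim = build_limits(mem_mb, cpu_ms)
    if not k32.SetInformationJobObject(job, EXTENDED_LIMIT_INFO, ct.byref(lim), ct.sizeof(lim)):
        raise ct.WinError(ct.get_last_error())
    proc = subprocess.Popen(cmd, stdin=subprocess.DEVNULL, stdout=subprocess.PIPE,
                            stderr=subprocess.STDOUT, creationflags=CREATE_SUSPENDED)
    h = ct.c_void_p(int(proc._handle))   # CPython's process handle (private attribute)
    if not k32.AssignProcessToJobObject(job, h):
        proc.kill()
        raise ct.WinError(ct.get_last_error())
    ct.WinDLL("ntdll").NtResumeProcess(h)  # undocumented but long-standing ntdll export
    try:
        out, _ = proc.communicate(timeout=wall_ms / 1000)  # wall clock bounds Sleep()
    except subprocess.TimeoutExpired:
        k32.TerminateJobObject(job, 1)
        out, _ = proc.communicate()
    t = [ct.c_uint64() for _ in range(4)]  # creation, exit, kernel, user FILETIMEs
    k32.GetProcessTimes(h, *map(ct.byref, t))
    k32.CloseHandle(job)
    return proc.returncode, (t[2].value + t[3].value) / 10_000, out
```

The job's time limit counts user-mode time only, so the caller should compare the returned kernel + user figure against the allowed budget itself. On Windows versions without nested job support, AssignProcessToJobObject fails if the launcher is already running inside a job.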