Path: csiph.com!usenet.pasdenom.info!weretis.net!feeder4.news.weretis.net!rt.uk.eu.org!newsfeed.xs4all.nl!newsfeed2.news.xs4all.nl!xs4all!newsgate.cistron.nl!newsgate.news.xs4all.nl!post.news.xs4all.nl!not-for-mail Return-Path: X-Original-To: python-list@python.org Delivered-To: python-list@mail.python.org X-Spam-Status: OK 0.063 X-Spam-Evidence: '*H*': 0.87; '*S*': 0.00; 'subject:Python': 0.06; 'suppose': 0.07; 'finished.': 0.09; 'cc:addr:python-list': 0.11; 'code?': 0.16; 'edward': 0.16; 'limit.': 0.16; 'url:faq': 0.16; 'wrote:': 0.18; '(but': 0.19; "hasn't": 0.19; 'seems': 0.21; 'separate': 0.22; 'cc:addr:python.org': 0.22; 'questions:': 0.24; 'sends': 0.24; 'cc:2**0': 0.24; 'script': 0.25; 'header:In-Reply- To:1': 0.27; "doesn't": 0.30; 'message-id:@mail.gmail.com': 0.30; 'url:mailman': 0.30; 'that.': 0.31; 'too.': 0.31; 'disable': 0.31; 'sep': 0.31; 'subject:programs': 0.31; 'writes:': 0.31; 'run': 0.32; 'url:python': 0.33; 'fri,': 0.33; '"the': 0.34; 'could': 0.34; 'received:google.com': 0.35; 'there': 0.35; 'done': 0.36; 'url:listinfo': 0.36; 'url:org': 0.36; 'should': 0.36; 'seconds': 0.37; 'easily': 0.37; 'process,': 0.38; 'security,': 0.38; 'pm,': 0.38; 'anything': 0.39; 'itself': 0.39; 'sure': 0.39; 'url:mail': 0.40; 'how': 0.40; 'subject:online': 0.61; 'john': 0.61; 'account': 0.65; '20,': 0.68; 'judge': 0.68; 'email addr:panix.com': 0.84; 'malicious': 0.84; 'to:addr:gordon': 0.84; 'bears': 0.91; 'url:latest': 0.91; '2013': 0.98 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc:content-type; bh=1PAjqkOFmyh9MmRSwuScmNbhaEOiXfQfZw+tecBKL6Q=; b=b+ijXmEzyHMtgMGJsFPOy55JlK2zxtvyrIKG7KiyJpY+YWcingBZKWhdQXZHVcq+ib qqaopECoNDWHrsojUuA8Tz9fU5a8e0UeigIXSichQdtSSR7y3Wx9AF8V5lo+mf/TpkZ1 WrR+xGi7WE35VLsX5wAhyWNAmfMLXXG0K4ckgOGILW8OrcLuZJZgLGBYuIzjzo3nVJQS 8c0od7QNAXkCkE9n/yoMIwGc9JyLFvh8uP8z1+JB2I+1xj/xyZ4nLyLqWkZTWggHddCK j+7LmST0ivtKGGDkL/dpWolXP96B1aGZ5WUp2Gj9rIaSu6/05gzPPvdaYo5jroWdaFb8 YPHg== X-Received: by 10.204.63.7 with SMTP id z7mr7007234bkh.23.1379716021039; Fri, 20 Sep 2013 15:27:01 -0700 (PDT) MIME-Version: 1.0 In-Reply-To: References: From: Jabba Laci Date: Sat, 21 Sep 2013 00:26:40 +0200 Subject: Re: building an online judge to evaluate Python programs To: John Gordon Content-Type: text/plain; charset=ISO-8859-1 Cc: Python mailing list X-BeenThere: python-list@python.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: General discussion list for the Python programming language List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Newsgroups: comp.lang.python Message-ID: Lines: 31 NNTP-Posting-Host: 2001:888:2000:d::a6 X-Trace: 1379716029 news.xs4all.nl 15967 [2001:888:2000:d::a6]:52644 X-Complaints-To: abuse@xs4all.nl Xref: csiph.com comp.lang.python:54516 I just found Docker ( http://docs.docker.io/en/latest/faq/ ). It seems sandboxing could be done with this easily. Laszlo On Fri, Sep 20, 2013 at 10:08 PM, John Gordon wrote: > In Jabba Laci writes: > >> There are several questions: >> * What is someone sends an infinite loop? There should be a time limit. > > You could run the judge as a background process, and kill it after ten > seconds if it hasn't finished. > >> * What is someone sends a malicious code? The script should be run in a >> sandbox. > > You could run the judge from its own account that doesn't have access to > anything else. For extra security, make the judge program itself owned by > a separate account (but readable/executable by the judge account.) > > I suppose you'd have to disable mail access from the judge account too. > Not sure how to easily do that. > > -- > John Gordon A is for Amy, who fell down the stairs > gordon@panix.com B is for Basil, assaulted by bears > -- Edward Gorey, "The Gashlycrumb Tinies" > > -- > https://mail.python.org/mailman/listinfo/python-list