Path: csiph.com!usenet.pasdenom.info!news.etla.org!news.stack.nl!newsfeed.xs4all.nl!newsfeed2.news.xs4all.nl!xs4all!newsgate.cistron.nl!newsgate.news.xs4all.nl!post.news.xs4all.nl!not-for-mail Return-Path: X-Original-To: python-list@python.org Delivered-To: python-list@mail.python.org X-Spam-Status: OK 0.016 X-Spam-Evidence: '*H*': 0.97; '*S*': 0.00; 'root': 0.05; 'sufficient': 0.05; 'subject:Python': 0.06; 'modified': 0.07; 'received:80.91': 0.09; 'received:80.91.229': 0.09; 'received:gmane.org': 0.09; 'received:list': 0.09; 'wrapper': 0.09; 'python': 0.11; 'jan': 0.12; 'changes': 0.15; 'access)': 0.16; 'helps.': 0.16; 'received:80.91.229.3': 0.16; 'received:plane.gmane.org': 0.16; 'reedy': 0.16; 'language': 0.16; 'wrote:': 0.18; 'normally': 0.19; 'seems': 0.21; 'header:User-Agent:1': 0.23; 'environment': 0.24; "i've": 0.25; 'designated': 0.26; 'header:X-Complaints-To:1': 0.27; 'header:In-Reply-To:1': 0.27; 'tried': 0.27; 'unix': 0.29; 'hacker': 0.31; 'subject:programs': 0.31; 'run': 0.32; 'running': 0.33; 'guess': 0.33; 'could': 0.34; 'test': 0.35; 'but': 0.35; 'version': 0.36; 'virtual': 0.37; 'wrong': 0.37; 'operating': 0.37; 'list': 0.37; 'to:addr:python-list': 0.38; 'files': 0.38; 'pm,': 0.38; 'heard': 0.39; 'to:addr:python.org': 0.39; 'mailing': 0.39; 'received:org': 0.40; 'called': 0.40; 'subject:online': 0.61; 'received:173': 0.61; 'course': 0.61; 'times': 0.62; 'name': 0.63; 'term': 0.63; 'such': 0.63; 'refer': 0.63; 'believe': 0.68; 'user,': 0.69; 'safe': 0.72; 'therefore': 0.72; 'interest.': 0.81; 'failures.': 0.84; 'received:fios.verizon.net': 0.84; 'apparent': 0.91; 'spectacular': 0.91; 'children.': 0.93 X-Injected-Via-Gmane: http://gmane.org/ To: python-list@python.org From: Terry Reedy Subject: Re: building an online judge to evaluate Python programs Date: Fri, 20 Sep 2013 18:43:04 -0400 References: Mime-Version: 1.0 Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 7bit X-Gmane-NNTP-Posting-Host: pool-173-75-251-66.phlapa.fios.verizon.net User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:24.0) Gecko/20100101 Thunderbird/24.0 In-Reply-To: X-BeenThere: python-list@python.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: General discussion list for the Python programming language List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Newsgroups: comp.lang.python Message-ID: Lines: 29 NNTP-Posting-Host: 2001:888:2000:d::a6 X-Trace: 1379717004 news.xs4all.nl 15960 [2001:888:2000:d::a6]:60317 X-Complaints-To: abuse@xs4all.nl Xref: csiph.com comp.lang.python:54519 On 9/20/2013 4:04 PM, Jabba Laci wrote: >> That last seems to me to be the biggie. Several times in the past few >> years, people in this mailing list have tried to build a safe sandbox. >> And each one was a big failure, for a hacker of sufficient interest. >> Some of them were spectacular failures. >> >> If you have to be safe from your user, Python may be the wrong language >> to give them. > > Well, the course is about Python and I want to test Python scripts... > > I've heard about "chroot jail" but I never used it. Wikipedia says: > > "A chroot on Unix operating systems is an operation that changes the > apparent root directory for the current running process and its > children. A program that is run in such a modified environment cannot > name (and therefore normally not access) files outside the designated > directory tree. The term "chroot" may refer to the chroot(2) system > call or the chroot(8) wrapper program. The modified environment is > called a "chroot jail"." > > I guess it could be used for sandboxing. Perhaps running in a virtual environment helps. 3.3 comes with venv, which I believe is a version of virtualenv or something. -- Terry Jan Reedy