Secure way to run other people's code (sandbox) on my server?


Problem description

I want to make a web service that runs other people's code locally... Naturally, I want to limit their code's access to a certain "sandbox" directory, and that they won't be able to connect to other parts of my server (DB, main webserver, etc)

What is the best way to do this?

Run VMware/Virtualbox:

(+) I guess it's as secure as it gets.. even if someone manages to "hack".. they only hack the guest machine

(+) can limit the cpu & memory the process uses

(+) easy to set up.. just create the VM

(-) harder to "connect" the sandbox directory from the host to the guest

(-) wasting extra memory and cpu for managing the VM

Run as a privileged user:

(+) doesn't waste extra resources

(+) sandbox directory is just a plain directory

(?) can't limit cpu and memory?

(?) don't know if it's secure enough...

Are there any other ways?

Server running Fedora Core 8, the "other" code is written in Java & C++

Recommended answer

  1. Running under an unprivileged user still allows a local attacker to exploit vulnerabilities to elevate privileges.
  2. Allowing code to execute in a VM can be insecure as well; the attacker can gain access to the host system, as a recent VMWare vulnerability report has shown.

In my opinion, allowing native code to run on your system in the first place is not a good idea from a security point of view. Maybe you should reconsider allowing them to run native code; this will certainly reduce the risk.
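On the question's open item about limiting CPU and memory without a VM: on Linux, per-process resource limits (`setrlimit`) can be applied to a child before it executes. The following is an added example, not code from the original post; `run_limited` and its parameters are hypothetical names, and the supervisor is assumed to already run as the account used for submitted code. It covers resource limits only, not the privilege-escalation risk raised in the answer.

```python
import os
import resource
import signal
import subprocess
import sys
import tempfile

MB = 1024 * 1024


def run_limited(argv, sandbox_dir, cpu_seconds=2, memory_bytes=512 * MB,
                wall_seconds=10):
    """Run argv in sandbox_dir under kernel-enforced limits (Linux).

    Returns (returncode, stdout, stderr). A negative returncode is the
    negated number of the signal that killed the child.
    """
    def apply_limits():
        # Runs in the child after fork() and before exec(), so the limits
        # bind only the submitted program, not this supervisor.
        resource.setrlimit(resource.RLIMIT_CPU, (cpu_seconds, cpu_seconds + 1))
        resource.setrlimit(resource.RLIMIT_AS, (memory_bytes, memory_bytes))
        resource.setrlimit(resource.RLIMIT_FSIZE, (16 * MB, 16 * MB))
        resource.setrlimit(resource.RLIMIT_CORE, (0, 0))

    proc = subprocess.Popen(
        argv, cwd=sandbox_dir, preexec_fn=apply_limits,
        start_new_session=True,  # own process group, killable as a unit
        stdin=subprocess.DEVNULL, stdout=subprocess.PIPE,
        stderr=subprocess.PIPE)
    try:
        out, err = proc.communicate(timeout=wall_seconds)
    except subprocess.TimeoutExpired:
        # RLIMIT_CPU counts CPU time only; a sleeping child needs a wall clock.
        os.killpg(proc.pid, signal.SIGKILL)
        out, err = proc.communicate()
    return proc.returncode, out, err


if __name__ == "__main__":
    # Constructed stand-ins for submitted programs.
    samples = {
        "well-behaved": "print('ok')",
        "cpu hog": "while True: pass",
        "memory hog": "x = bytearray(1024 * 1024 * 1024)",
    }
    box = tempfile.mkdtemp(prefix="sandbox-")
    for name, src in samples.items():
        code, _, err = run_limited([sys.executable, "-c", src], box, cpu_seconds=1)
        print(name, code, err.decode().strip().splitlines()[-1:])
```

The CPU hog is terminated by `SIGXCPU` and the memory hog fails its allocation, while the supervisor itself stays unrestricted.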
