How do sites like codepad.org and ideone.com sandbox your program?

Question

I need to compile and run user-submitted scripts on my site, similar to what codepad and ideone do. How can I sandbox these programs so that malicious users don't take down my server?

Specifically, I want to lock them inside an empty directory and prevent them from reading or writing anywhere outside of that, from consuming too much memory or CPU, or from doing anything else malicious.

I will need to communicate with these programs via pipes (over stdin/stdout) from outside the sandbox.

Recommended answer

codepad.org has something based on geordi, which runs everything in a chroot (i.e. restricted to a subtree of the filesystem) with resource restrictions, and uses the ptrace API to restrict the untrusted program's use of system calls. See http://codepad.org/about .

I've previously used Systrace, another utility for restricting system calls.

If the policy is set up properly, the untrusted program would be prevented from breaking anything in the sandbox or accessing anything it shouldn't, so there might be no need to put programs in separate chroots and create and delete them for each run. Although that would provide another layer of protection, which probably wouldn't hurt.
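
The resource-restriction and pipe parts of the setup discussed above, as an added example that is not part of the original question or answer and is not codepad's or geordi's code. It covers only rlimits, an empty working directory and stdin/stdout pipes; the chroot and the ptrace/Systrace system-call policy are separate layers it does not implement. The name `run_limited` and the limit values are assumptions.

```python
import os
import resource
import signal
import subprocess
import tempfile

def _apply_limits(cpu_s, mem_bytes, file_bytes):
    """Build the hook that runs in the child after fork() and before exec()."""
    def hook():
        resource.setrlimit(resource.RLIMIT_CPU, (cpu_s, cpu_s))         # CPU seconds
        resource.setrlimit(resource.RLIMIT_AS, (mem_bytes, mem_bytes))  # address space
        resource.setrlimit(resource.RLIMIT_FSIZE, (file_bytes, file_bytes))
        resource.setrlimit(resource.RLIMIT_CORE, (0, 0))                # no core dumps
    return hook

def run_limited(argv, stdin_data=b"", cpu_s=2, mem_bytes=512 << 20,
                file_bytes=1 << 20, wall_s=10):
    """Run argv under rlimits in a fresh empty directory, talking over pipes.

    Returns (returncode, stdout, stderr). A negative returncode means the
    child was killed by a signal, for example after hitting the CPU limit.
    """
    with tempfile.TemporaryDirectory() as workdir:
        proc = subprocess.Popen(
            argv,
            cwd=workdir,                    # only relative paths land here;
                                            # blocking absolute paths needs chroot
            env={"PATH": "/usr/bin:/bin"},  # do not leak the server's environment
            stdin=subprocess.PIPE,
            stdout=subprocess.PIPE,
            stderr=subprocess.PIPE,
            preexec_fn=_apply_limits(cpu_s, mem_bytes, file_bytes),
            start_new_session=True,         # own process group, killable as a unit
        )
        try:
            out, err = proc.communicate(stdin_data, timeout=wall_s)
        except subprocess.TimeoutExpired:   # sleeping child never trips RLIMIT_CPU
            os.killpg(proc.pid, signal.SIGKILL)
            out, err = proc.communicate()
        return proc.returncode, out, err

if __name__ == "__main__":
    # Constructed sample submissions: an echo program and a busy loop.
    print(run_limited(["/bin/sh", "-c", "cat"], b"hello\n"))
    print(run_limited(["/bin/sh", "-c", "while :; do :; done"], cpu_s=1))
```

The wall-clock timeout is needed alongside `RLIMIT_CPU` because a program that sleeps or blocks on input uses no CPU time and would otherwise hold its slot indefinitely.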
