Execute external Java source code on server - limit security and resources?

Question

I'm thinking about building a simple online service where people can solve programming exercises by submitting their solution, in form of source code, to my server where it is then interpreted/compiled and executed/tested.

By using the Java VM I could offer support for Java, Scala, Clojure, Ruby, Python and Javascript out of the box. But when I think about it in detail I'm afraid I don't know how to limit a script's resources and permissions.

I mean it should not be able to

  • write to disk
  • create more than X threads
  • run more than X seconds
  • use more than X MB memory
  • execute external applications
  • etc

How can I put each script in a sandbox?

From what I've read the SecurityManager doesn't seem to be able to do all that...

Recommended answer

Well, you can use some general security system to ensure safe code execution like AppArmor or SELinux. It works not only for java, python, etc. applications, but also for bash-scripts, binary executables and so on. Haven't worked at all with SELinux, but this is a simple example of AppArmor security profile which does everything you mentioned except "running more than X seconds" - this can be done by timeout mechanism (I'm a new user, so cannot post a second link here O_o..)

#include <tunables/global>

/path/to/executable {
  #include <abstractions/base>

  # http://linux.die.net/man/2/setrlimit

  # limit memory (address space)
  set rlimit as <= 150M,
  # limit core dump file http://linux.die.net/man/5/core
  set rlimit core <= 2M,
  # allow to create files only this size at max
  set rlimit fsize <= 1M,
  # limits number of threads (fork bomb won't go! :))
  set rlimit nproc <= 10,
  # program will have access to stuff defined in abstractions/base and 
  # to the file defined below. Nothing else.
  /path/to/file.txt rw,
}

What about putting each script in a sandbox - you can create several identical profiles for script1, script2 etc. This is also the way if you want different permissions for different exercises people will solve on your site.

And this is an example of using timeout:

$ sudo apt-get install timeout
$ timeout 3 ./binary  # limits execution of ./binary to 3 seconds

I also want to recommend you limit compilation time for compiled programming languages if you have any. For example, in C++ someone can write a tricky template or

#include </dev/urandom>

That will cause cpu-intensive work at compile-time.
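
The rlimits from the AppArmor profile and the wall-clock timeout can also be applied by the process that launches each submission (or each compiler run); this is an added example, not part of the original answer. `run_limited` and `PROFILE_LIMITS` are hypothetical names, Linux is assumed, and it does not replace the profile's file-access confinement.

```python
import os
import resource
import signal
import subprocess

MB = 1024 * 1024

# Same ceilings as the AppArmor profile above: as, core, fsize, nproc.
PROFILE_LIMITS = {
    resource.RLIMIT_AS: 150 * MB,
    resource.RLIMIT_CORE: 2 * MB,
    resource.RLIMIT_FSIZE: 1 * MB,
    resource.RLIMIT_NPROC: 10,  # counted per user, so give submissions their own UID
}


def _lower(limit, wanted):
    """Set soft and hard limit to `wanted`, never above the current hard limit."""
    _, hard = resource.getrlimit(limit)
    if hard != resource.RLIM_INFINITY:
        wanted = min(wanted, hard)
    resource.setrlimit(limit, (wanted, wanted))


def run_limited(argv, timeout_s, limits=PROFILE_LIMITS):
    """Run argv under the given rlimits and a wall-clock timeout.

    Returns (returncode, timed_out). A negative returncode is the number of
    the signal that killed the child (-9 after a timeout).
    """
    def apply_limits():  # runs in the child, after fork() and before exec()
        for limit, wanted in limits.items():
            _lower(limit, wanted)

    proc = subprocess.Popen(
        argv,
        preexec_fn=apply_limits,
        start_new_session=True,  # own process group, so killpg reaches its children
        stdin=subprocess.DEVNULL,
        stdout=subprocess.DEVNULL,  # a real judge would capture and cap output
        stderr=subprocess.DEVNULL,
    )
    try:
        return proc.wait(timeout=timeout_s), False
    except subprocess.TimeoutExpired:
        os.killpg(proc.pid, signal.SIGKILL)
        return proc.wait(), True
```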
