I want to add a feature to a linux-based web service that allows untrusted

Question

0

Asked: May 31, 20262026-05-31T18:49:32+00:00 2026-05-31T18:49:32+00:00

I want to add a feature to a linux-based web service that allows untrusted

0

I want to add a feature to a linux-based web service that allows untrusted users to upload the source code to a small C++ program, and for that code to be automatically saved to a file on the server and compiled with gcc and then executed, capturing the standard output. (This is a feature not unlike ideone.com, or spoj.pl, or topcoder.com, or codechef.com, or many of other web sites that do this.)

My questions are:

Q1. How do I sandbox the executable to guard against malicous users that try to damage the filesystem or access the network, etc?

Q2. Is there a fair/accurate way of rashoning system resources to the process, such as processor time and memory usage?

Report

Leave an answer
Cancel reply

You must login to add an answer.

Need An Account,

1 Answer

Editorial Team · Answer 1 · 2026-05-31T18:49:33+00:00

Editorial Team

2026-05-31T18:49:33+00:00Added an answer on May 31, 2026 at 6:49 pm

chroot jail
ulimit
patch kernel so socket() by the uid you are running this as fails.

0

Reply
Share
Share

- Report

Sign Up

Sign In

Forgot Password

The Archive Base Latest Questions

I want to add a feature to a linux-based web service that allows untrusted

Leave an answerCancel reply

1 Answer

Leave an answer
Cancel reply