building an online judge to evaluate Python programs
Terry Reedy
tjreedy at udel.edu
Fri Sep 20 18:43:04 EDT 2013
On 9/20/2013 4:04 PM, Jabba Laci wrote:
>> That last seems to me to be the biggie. Several times in the past few
>> years, people in this mailing list have tried to build a safe sandbox.
>> And each one was a big failure, for a hacker of sufficient interest.
>> Some of them were spectacular failures.
>>
>> If you have to be safe from your user, Python may be the wrong language
>> to give them.
>
> Well, the course is about Python and I want to test Python scripts...
>
> I've heard about "chroot jail" but I never used it. Wikipedia says:
>
> "A chroot on Unix operating systems is an operation that changes the
> apparent root directory for the current running process and its
> children. A program that is run in such a modified environment cannot
> name (and therefore normally not access) files outside the designated
> directory tree. The term "chroot" may refer to the chroot(2) system
> call or the chroot(8) wrapper program. The modified environment is
> called a "chroot jail"."
>
> I guess it could be used for sandboxing.
Perhaps running in a virtual environment helps. 3.3 comes with venv,
which I believe is a version of virtualenv or something.
--
Terry Jan Reedy
More information about the Python-list
mailing list