how to execute c code securely

前端 未结 4 475
有刺的猬
有刺的猬 2021-01-28 11:46

In this scenario the user will submit his/her C code to my server through a browser. The code will then be compiled and executed on my server and the output will be sent to the

相关标签:
4条回答
  • 2021-01-28 11:56

    Other problem to think to : what rights to allow the guest process: is he allowed to open a socket ? If so , what traffic do you allow him ?

    In the case you open a socket, then the problem becomes even more complex, because he can deliver an attack over that socket...

    0 讨论(0)
  • 2021-01-28 12:02

    I cannot answer you for windows -- I can tell you for linux.

    This is an extremly complex problem. You need to think to:

    • quota limit
    • process that compiles/executes the code to be runned as an unprivileged user.
    • do not allow the process to run more than N seconds
    • do not allow process to allocate too much memory

    I can say that this is a long-term project that you can not finish correctly in a few weeks.

    0 讨论(0)
  • 2021-01-28 12:04

    Your question is perhaps equivalent to the halting problem, and probably has no bullet proof answer (think of asm in malicious C code, forged function pointers, computed goto, buffer overflow trashing the return address, dlsym & dlopen, etc.).

    As mentioned by Shawn in his comment (referring to this question), you could use sand-boxing techniques. Alinsoar's answer shows you the complexity of the issue.

    0 讨论(0)
  • 2021-01-28 12:06

    You might consider using ideone API, some mobile devices software do so (CodeToGo for example)

    0 讨论(0)
提交回复
热议问题