Restrict access to "critical" functions

Adam D. Ruppe destructionator at gmail.com
Wed Dec 14 09:16:45 PST 2011


On Monday, 12 December 2011 at 18:48:17 UTC, Christian Köstlin 
wrote:
> Goal would be to have a possibility to compile and let run code 
> from random people (some of them perhaps evil minded), watch 
> over the processes and kill them, if they take too long or use 
> up too much memory.


This is something you should set up in the operating system. The
programming language can't do much to help here.

On the operating system, create a new limited user account for
the random people code. Limited user accounts can't format hard
drives.

Then, make sure your other files have the proper permissions so
the new user can't read/modify them. (This should mostly be done
already on any OS installation.)

You might add a disk quota to prevent them from using too much
disk space, or not give them any write access at all.


Finally, set CPU and memory limits on the user processes. In
Linux, see "man setrlimit" for some info.
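
The setrlimit step described in the reply above, as an added example that is not part of the original post: a parent forks a child, caps its CPU time and address space, and reports how it ended. The names run_limited and job_* are hypothetical, and the job functions stand in for the untrusted program.

```c
/* Added example: run a job in a child process under setrlimit() caps.
   run_limited and the job_* functions are hypothetical names. */
#include <signal.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/resource.h>
#include <sys/wait.h>
#include <unistd.h>

typedef int (*job_fn)(void);

/* Returns the job's exit status, -signal if a signal killed it, -1000 on error. */
int run_limited(job_fn job, rlim_t cpu_secs, rlim_t mem_bytes)
{
    pid_t pid = fork();
    if (pid < 0) return -1000;
    if (pid == 0) {
        /* Soft CPU limit raises SIGXCPU; the hard limit one second later is SIGKILL. */
        struct rlimit cpu = { .rlim_cur = cpu_secs, .rlim_max = cpu_secs + 1 };
        struct rlimit mem = { .rlim_cur = mem_bytes, .rlim_max = mem_bytes };
        struct rlimit core = { .rlim_cur = 0, .rlim_max = 0 };
        if (setrlimit(RLIMIT_CPU, &cpu) || setrlimit(RLIMIT_AS, &mem) ||
            setrlimit(RLIMIT_CORE, &core))
            _exit(125);
        /* Assumption: a real setup, started as root, would setgid()/setuid()
           to the limited account here and then exec the untrusted binary. */
        _exit(job());
    }
    int status;
    if (waitpid(pid, &status, 0) < 0) return -1000;
    return WIFSIGNALED(status) ? -WTERMSIG(status) : WEXITSTATUS(status);
}

int job_ok(void) { return 0; }
int job_spin(void) { volatile unsigned long n = 0; for (;;) n++; }
int job_hog(void)  /* asks for 256 MiB, more than the cap used below */
{
    char *volatile p = malloc(256u << 20);
    if (!p) return 3;
    p[0] = 1;
    return 0;
}

int main(void)
{
    rlim_t mem = 64u << 20;  /* 64 MiB address-space cap, 1 s of CPU */
    printf("ok=%d spin=%d hog=%d\n", run_limited(job_ok, 1, mem),
           run_limited(job_spin, 1, mem), run_limited(job_hog, 1, mem));
    return 0;
}
```

RLIMIT_CPU counts CPU time only, so a job that sleeps or blocks still needs a wall-clock timer in the parent.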

