multi-language sandbox
C Python Makefile Lua JavaScript Ruby
Switch branches/tags
Nothing to show
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Failed to load latest commit information.
spec
.gitignore
Makefile
README.md
dict.c
dict.h
function.c
function.h
language.c
language.h
language_js.c
language_lua.c
language_proxy.c
language_py.c
language_rb.c
run_specs
seccomp.c
seccomp.h
seccomp_defs.h
settings.c
settings.h
util.c
util.h

README.md

About:

This is a secure sandbox for (so far) Python, Javascript, Ruby and Lua.

It's aimed at online programming challenges, homework assignments etc.

Features:

  • shielding of guest programs from the rest of the operating system: the processes run in a seccomp jail and can only execute a very limited set of system calls (read/write to pre-opened pipes, gettimeofday, exit, etc.)
  • memory limit: limit the amount of memory guest processes are able to consume.
  • time limits: abort function calls to guest programs after a time limit has elapsed.
  • unified interface: all language interpreters are initialized in the same way.
  • unified data types: pass strings, integers, floats, nested arrays and booleans back and fro from all guest languages using a common API.
  • callback functions: invoke callback functions defined in your application e.g. to query for state, deliver results or write debug output. Function calls are serialized through pre-opened pipes to communicate with the sandbox the guest programs run in.
  • multiple simultaneous programs: any number of guests running in a single application.