This is the sandbox of judger for SDUOJ, which provides a secure environment for running user's code that is submitted from web.
The sandbox can run on Linux with system call setrlimit and seccomp to limit the resource and some dangerous system calls.
Building this sandbox need libseccomp-dev, you can install it with command followed.
$ sudo apt-get install libseccomp-dev
Then, you can install the sandbox to /opt/sduoj-sandbox/bin/sandbox and /usr/bin/sandbox
$ make
$ sudo make install
If you want to uninstall it, you can run
$ sudo make uninstall
You can run the sandbox with such command
# root privilege is needed
$ sudo ./sandbox \
--exe_path="/usr/bin/python3" \ # executable file path
--exe_args="test/test_py.py" \ # args of executable file
--input_path="test/input.txt" \ # where to get input
--output_path="test/output.txt" \ # where the output should be
--seccomp_rules=general \ # systemcall filte rules, optional `c_cpp`, `c_cpp_file_io`
--max_memory=33554432 # maximum memnory in bytes
Use --help to get more information about usages.
I would like to extend my sincere gratitude to those projects listed below for providing us solid technical support and creative inspiration.