erlc safety

[Erik Garrison]

On Wed, 3 May 2006 orbitz@REDACTED wrote:

> I am considering offering a webform for people to submit their code
> and run it through erlc and output any compilation errors or if it
> was successful.  What do I need to worry about in terms of
> sandboxing?  I think the biggest security risk is -include.  -include
> ("/etc/passwd") or something like that.  What should my concerns be?
> Are there solutions to these problems?

Would *nix user permissions solve this case?  You could just have a
paralell environment (maybe a chrooted one) in which an otherwise
unprivelaged user can compile, but not execute the resulting modules.

-Erik