Thu May 4 01:02:01 CEST 2006
That might be a pain in the butt thouhg. With a chrooted environment
I need to include EVERYTHING required in running erlc. And If i want
to do this with a number of languages (haskell, c/c++, fortran, etc),
that could be a real PITA and a lot of disk space (i don't believe I
can use symlinks...)
On May 3, 2006, at 4:33 PM, Erik Garrison wrote:
> On Wed, 3 May 2006 orbitz@REDACTED wrote:
>> I am considering offering a webform for people to submit their code
>> and run it through erlc and output any compilation errors or if it
>> was successful. What do I need to worry about in terms of
>> sandboxing? I think the biggest security risk is -include. -include
>> ("/etc/passwd") or something like that. What should my concerns be?
>> Are there solutions to these problems?
> Would *nix user permissions solve this case? You could just have a
> paralell environment (maybe a chrooted one) in which an otherwise
> unprivelaged user can compile, but not execute the resulting modules.
More information about the erlang-questions