How do you control, manage and run untrusted third-party code in a hosted service?

Let's say I run a hosted service that wants to allow plugins written by third-party clients.

Perhaps a gaming service provider that provides infrastructure, but allows customers to develop their own game referees. Or a coding competition site that allows coders to send code to run as a solution to any coding problem.

How would you solidify / block / isolate this user code from potential harm to the server that intends to run it?

How would you track and limit the use of resources (mainly CPU, memory)?

This is a good start for Python, but I wonder if anyone has more experience that they can use regardless of language (Python, Lua, Ruby, etc.).

+3
5 answers

Lua has the best sandbox and watch I've seen so far. My host language is Python. So I decided to go with Lunatic Python.

0

RestrictedPython (shown in the link provided) looks promising. I can’t say that I really tried to do this.

, , Linux , . , , , . , VM, , ( ).

2 . Python.

+2

, 100% , chroot'ing - . , chroot'd . script ( - oops!), infiltrater script, .

python, Python.

+1

, :

  • , import .

  • _import_ reload.

  • API , , WSGI, . API- . , .

0

FWIW, Apache/mod_wsgi 3.0 chroot.

, , .

If you also want users to not interfere with other users' code, and there may be an arbitrary number of users that can dynamically change, this is more complicated, although Apache/mod_wsgi does not yet have a function for dynamic groups of daemon processes and instead relies on a static configuration.

0
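
The question above asks how to track and limit CPU and memory for third-party code. One way to do that on Linux, shown here as an added example that is not from the question or any of the answers, is to run the code in a separate interpreter under kernel rlimits; `run_untrusted`, its parameters and the sample plugins are hypothetical names constructed for this illustration.

```python
import resource
import subprocess
import sys


def _cap(kind, soft, hard):
    """Lower one rlimit; never ask for more than the inherited hard limit."""
    _, inherited = resource.getrlimit(kind)
    if inherited != resource.RLIM_INFINITY:
        soft, hard = min(soft, inherited), min(hard, inherited)
    resource.setrlimit(kind, (soft, hard))


def run_untrusted(source, cpu_seconds=1, mem_bytes=512 * 2**20, wall_seconds=10):
    """Run `source` in a separate interpreter under kernel-enforced limits."""

    def apply_limits():
        # Runs in the child after fork() and before exec().
        # CPU: SIGXCPU at the soft limit, SIGKILL one second later.
        _cap(resource.RLIMIT_CPU, cpu_seconds, cpu_seconds + 1)
        # Address space: allocations beyond this fail (MemoryError in Python).
        _cap(resource.RLIMIT_AS, mem_bytes, mem_bytes)
        _cap(resource.RLIMIT_CORE, 0, 0)  # no core dumps from plugin crashes

    before = resource.getrusage(resource.RUSAGE_CHILDREN)
    result = {"status": "exited", "returncode": None, "signal": None,
              "stdout": "", "stderr": ""}
    try:
        proc = subprocess.run(
            [sys.executable, "-I", "-c", source],  # -I: isolated mode
            preexec_fn=apply_limits, stdin=subprocess.DEVNULL,
            capture_output=True, text=True, timeout=wall_seconds)
        result.update(returncode=proc.returncode,
                      stdout=proc.stdout, stderr=proc.stderr)
        if proc.returncode < 0:  # negative means "terminated by signal N"
            result.update(status="killed", signal=-proc.returncode)
    except subprocess.TimeoutExpired:
        # Sleeping or blocked code burns no CPU, so a wall clock is needed too.
        result["status"] = "wall_timeout"
    after = resource.getrusage(resource.RUSAGE_CHILDREN)
    # Accounting: CPU time (user + system) consumed by the child just reaped.
    result["cpu_used"] = ((after.ru_utime + after.ru_stime)
                          - (before.ru_utime + before.ru_stime))
    return result


if __name__ == "__main__":
    # Constructed sample plugins: a CPU hog and a memory hog.
    print(run_untrusted("while True: pass"))
    print(run_untrusted("x = bytearray(1 << 30)"))
```

These limits bound resource use only; they do not restrict which files or network endpoints the child can reach, so they complement rather than replace process-level isolation such as the chroot or VM approaches the answers mention.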

Source: https://habr.com/ru/post/1707219/

