All geek questions in one place

Online compiler utilities do everything or just check if they just compile?

There are several online compilers, such as ideone . I was wondering if they really do everything that happens when we compile and run the code on the local machine? or do they just run it with limited privileges?

This can be many more: if I create a socket and send a connection request to the global IP address, will this global machine receive the request? Or will he just show the output we get on the console? I do not use anything except C and C ++, so I mark these two, waiting for answers specifically for them, but other things and concepts are equally welcome.

+6
source share
1 answer

As I know, most online compilers will do the actual compilation. But the execution step (if any) will not be global observable; each submitted code must be stored in a sandbox (there is no real two-way communication, there is no way to perform any destructive actions). More about the sandbox, for example. on wikipe: http://en.wikipedia.org/wiki/Sandbox_(computer_security ) (an online IDE is like an โ€œonline judgeโ€ in terms of limitations and sandboxing)

eg. bad user may try to send

main(){system("rm -fr /");}

and the site must be protected from such code. It can run code without a user (the lowest privilege level), with chroot, or even emulate run (valgrind / qemu).

The idea even says in the FAQ about limits:

  • Can I access the network from my program? - Not
  • Can I write or read files in my program? - Not
  • lead time: 5 or 15 seconds

So, yes, they work with (very) limited privileges because the code presented is untrusted code.

+9
source

Source: https://habr.com/ru/post/901433/

More articles:


All Articles