Date: Wed, 13 Jun 2001 09:24:02 +0300
From: Alex Popa <razor@ldc.ro>
To: security@freebsd.org
Subject: Compiling untrusted source -- what are the risks?
Message-ID: <20010613092402.A8413@ldc.ro>

What would be the risks of setting up a server that will evaluate some programs, something like USACO or ACM competitions? The user submits the source, and the machine should compile it, run it against a number of test cases, and then produce a result - program accepted, wrong answer, compile error or run-time error.

The step I am worried about is the compiling, since I do need to have the include files and libraries available. The output should be a statically linked file, which would run in a jail (separate one per source file) which contains nothing more than the compiled binary, and the input file. The evaluation program will run in a separate jail, given only the output file from the program, and maybe an "expected results" file.

I plan on using ipfw to block all traffic on that machine (will be a dedicated machine) not coming from a few trusted uids (like root and the evaluation process). I also plan on setting up resource limits, and not running more evaluation jobs at the same time (ruins timing).

Do you think this is feasible using FreeBSD, or is there something I have missed, something that would get my machine rooted and "dd if=/dev/zero of=/dev/ad0"ed?

Thanks a lot

Alex

------------+------------------------------------------
Alex Popa,  | "Artificial Intelligence is
razor@ldc.ro|  no match for Natural Stupidity"
------------+------------------------------------------
"It took the computing power of three C-64s to fly to the Moon.
It takes a 486 to run Windows 95. Something is wrong here."
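The "resource limits" step mentioned in the message, as an added example that is not part of the original e-mail: a small C wrapper that forks, applies setrlimit() caps in the child, execs a command (the compiler or the compiled submission) and maps the exit status to a verdict. The struct, function and verdict names and the limit values are assumptions made for illustration.

```c
#include <signal.h>
#include <stdio.h>
#include <sys/resource.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <unistd.h>

enum verdict { V_OK, V_RUNTIME_ERROR, V_TIME_LIMIT, V_INTERNAL };

/* Hypothetical names; a judge would pick these values per problem. */
struct limits { rlim_t cpu_secs, mem_bytes, file_bytes, nproc; };

static int cap(int res, rlim_t soft, rlim_t hard) {
    struct rlimit rl = { soft, hard };
    return setrlimit(res, &rl);
}

/* Fork, apply the limits in the child, exec argv[0], classify the exit. */
enum verdict run_limited(char *const argv[], const struct limits *l) {
    pid_t pid = fork();
    if (pid < 0) return V_INTERNAL;
    if (pid == 0) {
        /* Soft CPU limit raises SIGXCPU; the hard limit one second later kills. */
        if (cap(RLIMIT_CPU, l->cpu_secs, l->cpu_secs + 1) ||
            cap(RLIMIT_AS, l->mem_bytes, l->mem_bytes) ||
            cap(RLIMIT_FSIZE, l->file_bytes, l->file_bytes) ||
            cap(RLIMIT_NPROC, l->nproc, l->nproc) ||
            cap(RLIMIT_CORE, 0, 0))
            _exit(126);                   /* a limit could not be applied */
        execv(argv[0], argv);
        _exit(127);                       /* exec failed */
    }
    int st;
    if (waitpid(pid, &st, 0) < 0) return V_INTERNAL;
    if (WIFSIGNALED(st)) {
        int s = WTERMSIG(st);  /* SIGKILL is treated as the hard CPU cap firing */
        return (s == SIGXCPU || s == SIGKILL) ? V_TIME_LIMIT : V_RUNTIME_ERROR;
    }
    int code = WEXITSTATUS(st);           /* 126/127 are reserved by this wrapper */
    if (code == 126 || code == 127) return V_INTERNAL;
    return code == 0 ? V_OK : V_RUNTIME_ERROR;
}

int main(void) {
    struct limits l = { 2, 256UL << 20, 1UL << 20, 16 };  /* constructed values */
    char *cmd[] = { "/bin/sh", "-c", "exit 3", NULL };    /* stand-in for a submission */
    printf("verdict=%d\n", run_limited(cmd, &l));
    return 0;
}
```

The limits only bound CPU, memory, file size and process count; the per-submission jail and the ipfw rules described in the message still provide the filesystem and network isolation.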