Shayan Peyghambari Shayan Peyghambari - 2 months ago 8
C++ Question

Changing the permission of a program in Linux

My question is similar to this question, but i didn't get my answer.

I am trying to design a judge.


The users of the online judge system submit their source code, then
the server program compiles and runs it. So the server program must
keep the server safe.


And there are a lot of things a user can use to make changes to the server.

How can i change the permission of a program? So that compiled code won't be able to do anything except printing something!

P.S: searching for suspicioius words is not a good idea. For instance, The user can use the following command instead of word
system
in C++:

#define glue(a,b) a ## b
glue(sys,tem) ("rm *"); //DO NOT RUN THIS CODE


So actually user used the following code without using the word
system
:

system ("rm *"); //DO NOT RUN THIS CODE

Answer

You can run them in a chroot jail, with user id set to nobody or some nonce account if nobody actually can do something significant. (You can use su or sudo for this.) Or even in their own VM. Pipe the output into a file, and read it from your judge program.