Reputation: 121
How to compile and execute c++ program safely with security restrictions?
I am looking for a way to compile and execute c++ program in a folder such that it will not have access to other folders or programs outside the folder in which it is being executed. I am trying to build an online c++ compiler.
Things I want to avoid from a program is to access any file outside the folder, change/ delete any file or create new files and copy at a new location. All to save the server from malicious code being executed and bringing the system down.
I have a windows environment but if there is a better way to achieve then linux would do well. I have looked for user roles in windows, access permissions and some 3d party apps like sandboxy as well, but not convinced with any of it.
Any suggestions?
Upvotes: 0
Views: 605
Answers (2)
Reputation: 279265
chroot is used for this on on *nix systems, but make sure you also run the code as a user with sufficiently restricted privileges to stop them just undoing the chroot: http://kerneltrap.org/Linux/Abusing_chroot
For Windows equivalent: https://serverfault.com/questions/161507/is-there-a-windows-equivalent-to-chroot, although it doesn't look as though that question got a huge amount of attention.
Upvotes: 2
Reputation: 1686
you can apply a system-wide permission assigned to the users which let them only to read/write/execute only inside a specific folder. so he/she can't access outside world nor create files/folders, etc.
Upvotes: 1
Related Questions
- Run C++ in VM, Securely
- how to execute c code securely
- Secure C++ coding practices
- secure my program from RE
- c++ Protect access to public functions
- Completely Deny Access To Files C++
- make compiling in "safe mode" for a C++ program
- protecting C++ code in program
- How-to ensure that compiler optimizations don't introduce a security risk?