Skip to content
This repository has been archived by the owner on Jul 15, 2020. It is now read-only.
/ code-runner-sandbox Public archive

A code execution sandbox to run or test untrusted code and return the output

License

MIT license
0 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

jakhax/code-runner-sandbox

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

13 Commits
bin
bin
 
 
config
config
 
 
public
public
 
 
src
src
 
 
.env
.env
 
 
.gitignore
.gitignore
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
composer.json
composer.json
 
 
composer.lock
composer.lock
 
 
symfony.lock
symfony.lock
 
 

Repository files navigation

Code Runner Sandbox

Migrated to https://github.com/jakhax/sandman

Description

  • A code execution sandbox to run untrusted code and return the output.
  • Currently am using docker images as the sandbox environment, see security section for concerns about this method.
  • Users can submit their code in any of the supported languages. The system will test the code in an isolated environment.
  • This way you do not have to worry about untrusted code possibly damaging your server intentionally or unintentionally.
  • You can use this system to allow your users to compile their code right in the browser.
  • Currently written in PHP, migrating to Golang soon.

Supported Languages

The following languages

  • Python
    • Currently only unit test library is supported for test strategy.
  • Javascript
  • C/C++
  • PHP
  • Golang.

How it works

  • The sanbox has two strategies:
    • run code - execute user code and return output.
    • run test - run tests against user code (like codewars) and return test results.
// code runner interface
interface RunnerInterface
{
    public function runCodeStrategy(array $data):array;
    public function runTestStrategy(array $data):array;
}
  • The sandbox interface looks like this
interface SandboxInterface
{
    public function start(array $opt):?array;
}
  • opt is the payload to be processed it's an array with the following fields
    • strategy can be run or test.
    • languageName currently only python3 is supported.
    • solutionCode user submitted code.
  • for example
$opt=[
    "languageName"=>"python3",
    "solutionCode"=>"print(1+2)",
    "strategy"=>"run",
];

Installation

Requirements

  • docker
  • composer
composer install
  • Build docker images, e.g for python3
cd src/Service/Sandbox/runners/PythonRunner/
chmod +x docker-build.sh
./docker-build.sh

Security

Am still researching about the security of this approach, here are some resources, that is to say this project is not production ready yet.

Contribution

  • Pull requests are welcomed.
  • Am considering using LLVM instead but i have no exprience, so such an implementation would be cool.
  • You can contribute by writing a code runner for an unsupported language, see the runner interface first though.

About

A code execution sandbox to run or test untrusted code and return the output

Topics

docker php symfony sandboxing sandbox-development

Resources

Readme

License

MIT license
Activity

Stars

0 stars

Watchers

2 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Contributors 2

  •  
  •  

Languages