I want to make a little programming puzzle on my website. There's going to be a task. The user will be asked to upload a C++ source file with her solution. The file should be compiled, run with some input and checked if it produces the right output. What are the security risks? How to make sure the uploaded file won't be able to do anything malicious?

Alternatively: there are sites like https://www.tutorialspoint.com/compile_cpp_online.php. How do they manage the security?

Thanks for any answers.

repl.it/languages/cpp has an online C++ sandbox. Their free API will give you 25000 compiles with 10 concurrent users – J.A.K. 5 hours ago

It is impossible to analyze a program to find out if it will do anything malicious. That is true regardless of whether you are attempting to analyze the source or compiled code.

The way to do what you are asking for is done by compiling and running the code in a sandbox. Once the program has terminated (or after a timeout you have decided upon) you destroy the sandbox.

The security of such a construction is as secure as the sandbox you are using. Depending on the requirements of the code you need to run, the sandbox could be either something simple like Linux secure computing mode, or something complicated like a full-blown virtual machine - ideally without network connectivity.

The more complicated the sandbox you need the larger risk of a security vulnerability in the sandbox undermining an otherwise good design.

Some languages can safely be compiled outside a sandbox. But there are languages where even compiling them can consume an unpredictable amount of resources. This question on a sister site shows some examples of how a small source file can blow up to a large output.

If the compiler itself is free from vulnerabilities it may be sufficient to set limits on the amount of CPU, memory, and disk space it is allowed to consume. For better security you can run the compiler inside a virtual machine.

Obviously these methods can be combined for an additional layer of security. If I were to construct such a system I would probably start a virtual machine and inside the virtual machine use ulimit to limit the resource usage of the compiler. Then I would link the compiled code in a wrapper to run it in secure computing mode. Finally still inside the virtual machine I would run the linked executable.

One thing that might bear pointing out is that the machine should be in a quarantined network segment and if possible not allowed to initiate outgoing network connections. Being raided by the FBI because you attempted to hack into whatever the current administration is sensitive about is no fun. – DRF 2 hours ago
@DRF Actually it should not be given network connectivity at all. I thought about that but forgot to include it in my answer. I have included it now. – kasperd 2 mins ago
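As an added example (it is not code from the answer, and not any real judge's wrapper), here is the in-process part of the scheme kasperd describes, in C: the wrapper sets rlimits, installs a seccomp-BPF syscall allowlist, and only then runs the untrusted code; a built-in self-check shows a `socket()` call being killed while a plain `write()` succeeds. It assumes Linux on x86_64 or aarch64. The function names, the contents of the allowlist and the limit values are my own choices, and the virtual machine and the compile step from the answer happen outside this file.

```c
/* Added example, not from the original answer or from any real judge: the
 * in-process half of the scheme. Set rlimits, install a seccomp-BPF allowlist,
 * then run the untrusted code. Assumes Linux on x86_64 or aarch64. */
#include <linux/audit.h>
#include <linux/filter.h>
#include <linux/seccomp.h>
#include <signal.h>
#include <stddef.h>
#include <stdio.h>
#include <sys/prctl.h>
#include <sys/resource.h>
#include <sys/socket.h>
#include <sys/syscall.h>
#include <sys/wait.h>
#include <unistd.h>

#if defined(__x86_64__)
#define JUDGE_ARCH AUDIT_ARCH_X86_64
#elif defined(__aarch64__)
#define JUDGE_ARCH AUDIT_ARCH_AARCH64
#else
#error "add the AUDIT_ARCH_* value for this architecture"
#endif

/* What a solution that only reads stdin and writes stdout needs once main() has
 * been entered (start-up calls such as arch_prctl have already happened). The
 * numbers come from <sys/syscall.h>, so they match the ABI this is built for.
 * Starting point only: extend it from `strace` of a known-good solution, not by
 * guessing. Deliberately absent: socket, open/openat, execve, clone, ptrace. */
static const long allowed_syscalls[] = {
    SYS_read, SYS_write, SYS_lseek, SYS_brk, SYS_mmap, SYS_munmap, SYS_mprotect,
    SYS_mremap, SYS_futex, SYS_exit, SYS_exit_group,
#ifdef SYS_fstat
    SYS_fstat,
#endif
#ifdef SYS_newfstatat
    SYS_newfstatat,        /* glibc >= 2.33 implements fstat() with this */
#endif
#ifdef SYS_getrandom
    SYS_getrandom,         /* glibc malloc seeds its tcache key on first use */
#endif
};
size_t allowed_count(void) { return sizeof(allowed_syscalls) / sizeof(allowed_syscalls[0]); }

/* Emits: arch check (3 insns), load syscall nr (1), 2 per allowed call, default
 * kill (1). Returns the instruction count, or 0 if `cap` is too small. */
size_t build_filter(struct sock_filter *out, size_t cap) {
    size_t i = 0, n = allowed_count();
    if (cap < 5 + 2 * n) return 0;
    out[i++] = (struct sock_filter)BPF_STMT(BPF_LD | BPF_W | BPF_ABS, offsetof(struct seccomp_data, arch));
    out[i++] = (struct sock_filter)BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_K, JUDGE_ARCH, 1, 0);
    out[i++] = (struct sock_filter)BPF_STMT(BPF_RET | BPF_K, SECCOMP_RET_KILL_PROCESS);
    out[i++] = (struct sock_filter)BPF_STMT(BPF_LD | BPF_W | BPF_ABS, offsetof(struct seccomp_data, nr));
    for (size_t k = 0; k < n; k++) {
        out[i++] = (struct sock_filter)BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_K, (unsigned)allowed_syscalls[k], 0, 1);
        out[i++] = (struct sock_filter)BPF_STMT(BPF_RET | BPF_K, SECCOMP_RET_ALLOW);
    }
    out[i++] = (struct sock_filter)BPF_STMT(BPF_RET | BPF_K, SECCOMP_RET_KILL_PROCESS);
    return i;
}
size_t filter_length(void) { struct sock_filter tmp[128]; return build_filter(tmp, 128); }

/* The ulimit part, done from inside the process: CPU seconds (SIGXCPU at the
 * soft limit, SIGKILL at the hard one), address space, output size, no children. */
int apply_limits(rlim_t cpu_s, rlim_t mem, rlim_t fsize) {
    struct rlimit cpu = { cpu_s, cpu_s + 1 }, as = { mem, mem }, fsz = { fsize, fsize }, np = { 0, 0 };
    return setrlimit(RLIMIT_CPU, &cpu) | setrlimit(RLIMIT_AS, &as) |
           setrlimit(RLIMIT_FSIZE, &fsz) | setrlimit(RLIMIT_NPROC, &np);
}
int install_filter(void) {
    struct sock_filter insns[128];
    struct sock_fprog prog = { .len = (unsigned short)build_filter(insns, 128), .filter = insns };
    if (prog.len == 0) return -1;
    /* no_new_privs lets an unprivileged process install a filter; a setuid exec can never shed it */
    if (prctl(PR_SET_NO_NEW_PRIVS, 1, 0, 0, 0) != 0) return -1;
    return prctl(PR_SET_SECCOMP, SECCOMP_MODE_FILTER, &prog);
}

/* Fork, confine the child (limits first, then the filter, since setrlimit is not
 * allowlisted), run `body` in it and return the raw wait status. In a real
 * wrapper `body` is the contestant's entry point. */
int run_sandboxed(void (*body)(void)) {
    pid_t pid = fork();
    if (pid < 0) return -1;
    if (pid == 0) {                                         /* child */
        if (apply_limits(2, 256UL << 20, 1UL << 20) != 0 || install_filter() != 0) _exit(100);
        body();
        _exit(0);
    }
    int status = 0;
    return waitpid(pid, &status, 0) == pid ? status : -1;
}
int exited_clean(int status) { return WIFEXITED(status) && WEXITSTATUS(status) == 0; }
int killed_by_seccomp(int status) { return WIFSIGNALED(status) && WTERMSIG(status) == SIGSYS; }

/* Constructed stand-ins for an uploaded solution: one well-behaved, one not. */
void body_io_only(void) { (void)!write(STDOUT_FILENO, "io ok\n", 6); }
void body_opens_socket(void) { socket(AF_INET, SOCK_STREAM, 0); (void)!write(STDOUT_FILENO, "unreached\n", 10); }

int main(void) {
    int ok = exited_clean(run_sandboxed(body_io_only));
    int net = killed_by_seccomp(run_sandboxed(body_opens_socket));
    printf("io-only body: %s; socket() body: %s\n", ok ? "exited 0" : "UNEXPECTED",
           net ? "killed by SIGSYS" : "NOT killed");
    return ok && net ? 0 : 1;
}
```

Hooking this into the answer's pipeline is an assumption on my part, not something the answer spells out: compile the submission under `ulimit` inside the VM, then link the object against this wrapper so that the child of `run_sandboxed` ends up in the contestant's `main` (for example via the linker's `--wrap=main` option, which redirects the C runtime's call to `main` into a function you supply). Two properties worth keeping in mind: the filter is inherited across `fork` and `execve` and cannot be removed once installed, and any call outside the allowlist kills the process with `SIGSYS` rather than returning an error, so a solution whose runtime needs a call you forgot is rejected loudly instead of running unconfined. That is the right failure direction, but it means the allowlist must be checked against the exact compiler and libc the judge uses.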
