3

Is there a way to create a sandbox environment inside C++ where you can either: - Run processes in - Load Dynamic Libraries in (Linux)

Dynamic Libraries are preferred because the easy communication between the main process and the sand-boxed processes.

A sand-boxed process should not be able to put memory on the heap or interact with the Kernel / Operating System. Instead the main process will provide an interface to do these things.

Is there any way to do this? I could create a script interpreter but that'd take away a lot of the speed. I'd like to keep the speed loss minimal.

Jeroen
  • 15,257
  • 12
  • 59
  • 102
  • 1
    "Putting memory on the stack" is a fundamental operation in C-like languages. All C / C++ programs will use the stack. –  Jul 11 '13 at 15:10
  • @duskwuff heap*, I corrected it. :D – Jeroen Jul 11 '13 at 15:19
  • 1
    maybe this helps: http://stackoverflow.com/questions/4249063/how-can-i-run-an-untrusted-c-program-in-a-sandbox-in-linux – WoJo Jul 11 '13 at 15:34
  • @Binero: That's really not a reasonable thing to expect of a program either. The stdio library (e.g, `printf()`) uses memory allocated on the heap for buffers. –  Jul 11 '13 at 15:46
  • Maybe [Qemu](http://www.qemu.org) could be useful (even if a bit overkill). – Basile Starynkevitch Jul 11 '13 at 20:17
  • @duskwuff The main application will provider an interface for these things. – Jeroen Jul 11 '13 at 23:05

1 Answers1

-4

You can use some software which provides sandbox environment. Use can provide memory limit, time limit etc. and other parameters to the application. I used a sandbox file when I created some online judge and needed to execute c++ files of other users in a limited environment.

Shashwat Kumar
  • 5,159
  • 2
  • 30
  • 66
  • All you've done here is restate the question. You haven't actually provided an answer. –  Jul 11 '13 at 23:28