You might try a simple server architecture, which depending on your needs, may be truly-threaded or simply forked. Runaway processes can be easily STOPped or KILLed if your server is paying attention. Invoking a forked process prepended with the "nice" command is certainly an option. Using SIGALRM is generally a bad idea for any security considerations. You could also give the "modified" interpreter a separate user or group in which you can set limits of quota, swap usage, CPU time and system time. That's sounds like alot of encapsulation for an untrusted user who would have access to your system. Is it really worth it? Under the best circumstances, you'd probably need a separate computer to guarantee the safety of your own stuff. The unltimate answer depends on how much you can trust your users or how much you are able to track them (Which libs should they not have access to, etc.) If you need more help, or if you want Olga to call, just reply below...
AgentM Systems nor Nasca Enterprises nor
Bone::Easy nor Macperl is responsible for the
comments made by
AgentM. Remember, you can build any logical system with NOR.
-
Are you posting in the right place? Check out Where do I post X? to know for sure.
-
Posts may use any of the Perl Monks Approved HTML tags. Currently these include the following:
<code> <a> <b> <big>
<blockquote> <br /> <dd>
<dl> <dt> <em> <font>
<h1> <h2> <h3> <h4>
<h5> <h6> <hr /> <i>
<li> <nbsp> <ol> <p>
<small> <strike> <strong>
<sub> <sup> <table>
<td> <th> <tr> <tt>
<u> <ul>
-
Snippets of code should be wrapped in
<code> tags not
<pre> tags. In fact, <pre>
tags should generally be avoided. If they must
be used, extreme care should be
taken to ensure that their contents do not
have long lines (<70 chars), in order to prevent
horizontal scrolling (and possible janitor
intervention).
-
Want more info? How to link
or How to display code and escape characters
are good places to start.
|