An online programming assignment grading system.
CRJudge runs lots of user-submitted arbitrary codes. It should run codes in a restricted environment. So we need tools to sandbox submitted codes in CRJudge.
You can improve security by enabling shield alongside Sandbox.
CRJudge uses EasySandbox for sandboxing C/C++ codes. EasySandbox limits the running code using seccomp, a sandboxing mechanism in Linux kernel.
By default, EasySandbox is disabled in CRJudge. You can enable it from Settings page. But you must “build EasySandbox” before enabling it.
EasySandbox files are located in tester/easysandbox. For building EasySandbox run:
$ cd tester/easysandbox
$ chmod +x runalltests.sh
$ chmod +x runtest.sh
$ make runtests
If it printed the message All tests passed!, EasySandbox is built successfully and can be enabled on your system. You can enable EasySandbox in Settings page.
Java sandbox is enabled by default using Java Security Manager. You can enable/disable it in Settings page.