diff --git a/lxc/executors/bash b/lxc/executors/bash
index 07ee438..1aae8ca 100755
--- a/lxc/executors/bash
+++ b/lxc/executors/bash
@@ -1,2 +1,2 @@
 cd /tmp/$2
-runuser -l runner$1 -c "cd /tmp/$2 ; cat args.args | xargs -d '\n' timeout -s KILL 3 bash code.code"
+runuser -l runner$1 -c "cd /tmp/$2 ; cat args.args | xargs timeout -s KILL 3 bash code.code"
diff --git a/lxc/executors/c b/lxc/executors/c
index 0cd5424..9752eab 100755
--- a/lxc/executors/c
+++ b/lxc/executors/c
@@ -1,3 +1,3 @@
 cd /tmp/$2
 timeout -s KILL 10 gcc -o binary -x c code.code
-runuser -l runner$1 -c "cd /tmp/$2 ; cat args.args | xargs -d '\n' timeout -s KILL 3 ./binary"
+runuser -l runner$1 -c "cd /tmp/$2 ; cat args.args | xargs timeout -s KILL 3 ./binary"
diff --git a/lxc/executors/cpp b/lxc/executors/cpp
index 64a5157..7d425a6 100755
--- a/lxc/executors/cpp
+++ b/lxc/executors/cpp
@@ -1,3 +1,3 @@
 cd /tmp/$2
 timeout -s KILL 10 g++ -o binary -x c++ code.code
-runuser -l runner$1 -c "cd /tmp/$2 ; cat args.args | xargs -d '\n' timeout -s KILL 3 ./binary"
+runuser -l runner$1 -c "cd /tmp/$2 ; cat args.args | xargs timeout -s KILL 3 ./binary"
diff --git a/lxc/executors/csharp b/lxc/executors/csharp
index 3124788..a9850df 100755
--- a/lxc/executors/csharp
+++ b/lxc/executors/csharp
@@ -1,3 +1,3 @@
 cd /tmp/$2
 timeout -s KILL 10 mcs $(echo code.code | sed 's/\///') -nowarn:0219 -out:binary
-runuser -l runner$1 -c "cd /tmp/$2 ; cat args.args | xargs -d '\n' timeout -s KILL 3 mono binary"
+runuser -l runner$1 -c "cd /tmp/$2 ; cat args.args | xargs timeout -s KILL 3 mono binary"
diff --git a/lxc/executors/go b/lxc/executors/go
index 5084a30..cf3d7b9 100755
--- a/lxc/executors/go
+++ b/lxc/executors/go
@@ -3,4 +3,4 @@ cp code.code interim.go
 file="interim.go"
 GOROOT=/usr/lib/go timeout -s KILL 10 go build $file
 file=${file%%.*}
-runuser -l runner$1 -c "cd /tmp/$2 ; cat args.args | xargs -d '\n' timeout -s KILL 3 ./$file"
+runuser -l runner$1 -c "cd /tmp/$2 ; cat args.args | xargs timeout -s KILL 3 ./$file"
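Review bot: Dropping `-d '\n'` from the `xargs` call changes how the caller-supplied `args.args` is parsed: with the default delimiter xargs splits on any blank and interprets quotes and backslashes itself, so an argument containing a space becomes two arguments and one with an unbalanced quote makes xargs stop with an error instead of running the program. If the intent is one argument per line passed through verbatim, keep the explicit delimiter, or write the file NUL-separated and use `xargs -0 timeout -s KILL 3 bash code.code`. The same change is made in the c, cpp, csharp, go, java, nasm, node, php, python2, python3, r, ruby, rust and swift executors. Separately, `$1` and `$2` are expanded unquoted into the `-c` command string on the new line, which is only safe if the caller guarantees they are a plain number and a plain directory name; that guarantee is not visible in these hunks.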
diff --git a/lxc/executors/java b/lxc/executors/java
index 7c8d1ff..a5855de 100755
--- a/lxc/executors/java
+++ b/lxc/executors/java
@@ -3,4 +3,4 @@ cp code.code interim.java
 name=$(cat interim.java | grep -Eo 'public\s+class\s+([A-Za-z0-9]+)' | sed -n 's/ */ /gp' | cut -d' ' -f3)
 mv interim.java $name.java
 timeout -s KILL 10 javac $name.java
-runuser -l runner$1 -c "cd /tmp/$2 ; cat args.args | xargs -d '\n' timeout -s KILL 3 java $name"
+runuser -l runner$1 -c "cd /tmp/$2 ; cat args.args | xargs timeout -s KILL 3 java $name"
diff --git a/lxc/executors/nasm b/lxc/executors/nasm
index 661db6c..7bdfe69 100755
--- a/lxc/executors/nasm
+++ b/lxc/executors/nasm
@@ -1,4 +1,4 @@
 cd /tmp/$2
 timeout -s KILL 10 nasm -f elf64 -o binary.o code.code
 timeout -s KILL 10 ld binary.o -o binary
-runuser -l runner$1 -c "cd /tmp/$2 ; cat args.args | xargs -d '\n' timeout -s KILL 3 ./binary"
+runuser -l runner$1 -c "cd /tmp/$2 ; cat args.args | xargs timeout -s KILL 3 ./binary"
diff --git a/lxc/executors/node b/lxc/executors/node
index 73c2f80..6682176 100755
--- a/lxc/executors/node
+++ b/lxc/executors/node
@@ -1,2 +1,2 @@
 cd /tmp/$2
-runuser -l runner$1 -c "cd /tmp/$2 ; cat args.args | xargs -d '\n' timeout -s KILL 3 nodejs code.code"
+runuser -l runner$1 -c "cd /tmp/$2 ; cat args.args | xargs timeout -s KILL 3 nodejs code.code"
diff --git a/lxc/executors/php b/lxc/executors/php
index 5731b85..2e4753a 100755
--- a/lxc/executors/php
+++ b/lxc/executors/php
@@ -1,2 +1,2 @@
 cd /tmp/$2
-runuser -l runner$1 -c "cd /tmp/$2 ; cat args.args | xargs -d '\n' timeout -s KILL 3 php code.code"
+runuser -l runner$1 -c "cd /tmp/$2 ; cat args.args | xargs timeout -s KILL 3 php code.code"
diff --git a/lxc/executors/python2 b/lxc/executors/python2
index 8ccb484..06437ed 100755
--- a/lxc/executors/python2
+++ b/lxc/executors/python2
@@ -1,2 +1,2 @@
 cd /tmp/$2
-runuser -l runner$1 -c "cd /tmp/$2 ; cat args.args | xargs -d '\n' timeout -s KILL 3 python2 code.code"
+runuser -l runner$1 -c "cd /tmp/$2 ; cat args.args | xargs timeout -s KILL 3 python2 code.code"
diff --git a/lxc/executors/python3 b/lxc/executors/python3
index ef5b036..a9c7950 100755
--- a/lxc/executors/python3
+++ b/lxc/executors/python3
@@ -1,2 +1,2 @@
 cd /tmp/$2
-runuser -l runner$1 -c "cd /tmp/$2 ; cat args.args | xargs -d '\n' timeout -s KILL 3 python3.6 code.code"
+runuser -l runner$1 -c "cd /tmp/$2 ; cat args.args | xargs timeout -s KILL 3 python3.6 code.code"
diff --git a/lxc/executors/r b/lxc/executors/r
index b12ee07..e50da72 100755
--- a/lxc/executors/r
+++ b/lxc/executors/r
@@ -1,2 +1,2 @@
 cd /tmp/$2
-runuser -l runner$1 -c "cd /tmp/$2 ; cat args.args | xargs -d '\n' timeout -s KILL 3 Rscript code.code"
+runuser -l runner$1 -c "cd /tmp/$2 ; cat args.args | xargs timeout -s KILL 3 Rscript code.code"
diff --git a/lxc/executors/ruby b/lxc/executors/ruby
index 11b12b2..ff54c41 100755
--- a/lxc/executors/ruby
+++ b/lxc/executors/ruby
@@ -1,2 +1,2 @@
 cd /tmp/$2
-runuser -l runner$1 -c "cd /tmp/$2 ; cat args.args | xargs -d '\n' timeout -s KILL 3 ruby code.code"
+runuser -l runner$1 -c "cd /tmp/$2 ; cat args.args | xargs timeout -s KILL 3 ruby code.code"
diff --git a/lxc/executors/rust b/lxc/executors/rust
index 46533c7..b5be0b0 100755
--- a/lxc/executors/rust
+++ b/lxc/executors/rust
@@ -1,3 +1,3 @@
 cd /tmp/$2
 timeout -s KILL 10 rustc -o binary code.code
-runuser -l runner$1 -c "cd /tmp/$2 ; cat args.args | xargs -d '\n' timeout -s KILL 3 ./binary"
+runuser -l runner$1 -c "cd /tmp/$2 ; cat args.args | xargs timeout -s KILL 3 ./binary"
diff --git a/lxc/executors/swift b/lxc/executors/swift
index cf8e2e0..d07183b 100755
--- a/lxc/executors/swift
+++ b/lxc/executors/swift
@@ -1,2 +1,2 @@
 cd /tmp/$2
-runuser -l runner$1 -c "cd /tmp/$2 ; cat args.args | xargs -d '\n' timeout -s KILL 3 swift code.code"
+runuser -l runner$1 -c "cd /tmp/$2 ; cat args.args | xargs timeout -s KILL 3 swift code.code"
diff --git a/readme.md b/readme.md
index 07d7fb5..8d55e36 100644
--- a/readme.md
+++ b/readme.md
@@ -66,10 +66,10 @@ cd ../tests ``` #### Usage -- `lxc/execute [language] [path] [arg]...` +- `lxc/execute [language] [file path] [arg]...` #### Supported Languages -Currently python2, python3, c, c++, go, node, ruby, r, c#, nasm, php, java, and brainfuck is supported. +Currently python2, python3, c, c++, go, node, ruby, r, c#, nasm, php, java, swift, brainfuck, rust, and bash is supported. #### Principle of Operation Piston utilizes LXC as the primary mechanism for sandboxing. There is a small API written in Go which takes
@@ -82,9 +82,10 @@ LXC provides a great deal of security out of the box in that it's separate from Piston takes additional steps to make it resistant to various privilege escalation, denial-of-service, and resource saturation threats. These steps include: - Disabling outgoing network interaction -- Capping max processes at 16 (resists `:(){ :|: &}:;`, `while True: os.fork()`, etc.) -- Capping max files at 256 (resists various file based attacks) +- Capping max processes at 64 (resists `:(){ :|: &}:;`, `while True: os.fork()`, etc.) +- Capping max files at 2048 (resists various file based attacks) - Mounting all resources read-only (resists `sudo rm -rf --no-preserve-root /`) +- Running as a variety of unprivileged users - Capping runtime execution at 3 seconds - Capping stdout to 65536 characters (resists yes/no bombs and runaway output) - SIGKILLing misbehaving code