Mascali
/
piston
mirror of https://github.com/engineer-man/piston.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

update readme, set c to run everything under a runner

This commit is contained in:
Brian Seymour 2021-01-13 01:36:10 -06:00
parent 9c985a1e5b
commit e6e1c093d6
2 changed files with 16 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
lxc/executors/c
View File

@ -1,3 +1,4 @@
cd /tmp/$2
timeout -s KILL 10 gcc -std=c11 -o binary -x c code.code
runuser runner$1 -c "cd /tmp/$2 ; cat args.args | xargs -d '\n' timeout -s KILL 3 ./binary"
runuser runner$1 -c "\
cd /tmp/$2 ; \
timeout -s KILL 10 gcc -std=c11 -o binary -x c code.code \
cat args.args | xargs -d '\n' timeout -s KILL 3 ./binary"

13
readme.md
View File

@ -16,7 +16,7 @@ Important Note: The Piston API is rate limited to 5 requests per second
Updated installation instructions coming soon. See `var/install.txt` for how to do it from scratch.
#### CLI Usage
- `lxc/execute [language] [file path] [arg]...`
- `lxc/execute [language] [file path] [args]`
#### API Usage
To use the API, it must first be started. To start the API, run the following:
@ -41,6 +41,9 @@ This endpoint takes no input and returns a JSON array of the currently installed
Truncated response sample:
```json
HTTP/1.1 200 OK
Content-Type: application/json
[
{
"name": "awk",
@ -74,6 +77,9 @@ source is not provided, a blank file is passed as the source.
```
A typical response when everything succeeds will be similar to the following:
```json
HTTP/1.1 200 OK
Content-Type: application/json
{
"ran": true,
"language": "js",
@ -83,6 +89,9 @@ A typical response when everything succeeds will be similar to the following:
```
If an invalid language is supplied, a typical response will look like the following:
```json
HTTP/1.1 400 Bad Request
Content-Type: application/json
{
"code": "unsupported_language",
"message": "whatever is not supported by Piston"
@ -96,6 +105,7 @@ If an invalid language is supplied, a typical response will look like the follow
- cpp
- csharp
- deno
- erlang
- elixir
- emacs
- go
@ -130,6 +140,7 @@ various privilege escalation, denial-of-service, and resource saturation threats
- Capping max processes at 64 (resists `:(){ :|: &}:;`, `while True: os.fork()`, etc.)
- Capping max files at 2048 (resists various file based attacks)
- Mounting all resources read-only (resists `sudo rm -rf --no-preserve-root /`)
- Cleaning up all temp space after each execution (resists out of drive space attacks)
- Running as a variety of unprivileged users
- Capping runtime execution at 3 seconds
- Capping stdout to 65536 characters (resists yes/no bombs and runaway output)