Mascali
/
piston
mirror of https://github.com/engineer-man/piston.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

update readme, set c to run everything under a runner

This commit is contained in:
Brian Seymour 2021-01-13 01:36:10 -06:00
parent 9c985a1e5b
commit e6e1c093d6
2 changed files with 16 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
lxc/executors/c
View File

@ -1,3 +1,4 @@
cd /tmp/$2 runuser runner$1 -c "\
timeout -s KILL 10 gcc -std=c11 -o binary -x c code.code cd /tmp/$2 ; \
runuser runner$1 -c "cd /tmp/$2 ; cat args.args | xargs -d '\n' timeout -s KILL 3 ./binary" timeout -s KILL 10 gcc -std=c11 -o binary -x c code.code \
cat args.args | xargs -d '\n' timeout -s KILL 3 ./binary"

13
readme.md
View File

@ -16,7 +16,7 @@ Important Note: The Piston API is rate limited to 5 requests per second
Updated installation instructions coming soon. See `var/install.txt` for how to do it from scratch. Updated installation instructions coming soon. See `var/install.txt` for how to do it from scratch.
#### CLI Usage #### CLI Usage
- `lxc/execute [language] [file path] [arg]...` - `lxc/execute [language] [file path] [args]`
#### API Usage #### API Usage
To use the API, it must first be started. To start the API, run the following: To use the API, it must first be started. To start the API, run the following:
@ -41,6 +41,9 @@ This endpoint takes no input and returns a JSON array of the currently installed
Truncated response sample: Truncated response sample:
```json ```json
HTTP/1.1 200 OK
Content-Type: application/json
[ [
{ {
"name": "awk", "name": "awk",
@ -74,6 +77,9 @@ source is not provided, a blank file is passed as the source.
``` ```
A typical response when everything succeeds will be similar to the following: A typical response when everything succeeds will be similar to the following:
```json ```json
HTTP/1.1 200 OK
Content-Type: application/json
{ {
"ran": true, "ran": true,
"language": "js", "language": "js",
@ -83,6 +89,9 @@ A typical response when everything succeeds will be similar to the following:
``` ```
If an invalid language is supplied, a typical response will look like the following: If an invalid language is supplied, a typical response will look like the following:
```json ```json
HTTP/1.1 400 Bad Request
Content-Type: application/json
{ {
"code": "unsupported_language", "code": "unsupported_language",
"message": "whatever is not supported by Piston" "message": "whatever is not supported by Piston"
@ -96,6 +105,7 @@ If an invalid language is supplied, a typical response will look like the follow
- cpp - cpp
- csharp - csharp
- deno - deno
- erlang
- elixir - elixir
- emacs - emacs
- go - go
@ -130,6 +140,7 @@ various privilege escalation, denial-of-service, and resource saturation threats
- Capping max processes at 64 (resists `:(){ :|: &}:;`, `while True: os.fork()`, etc.) - Capping max processes at 64 (resists `:(){ :|: &}:;`, `while True: os.fork()`, etc.)
- Capping max files at 2048 (resists various file based attacks) - Capping max files at 2048 (resists various file based attacks)
- Mounting all resources read-only (resists `sudo rm -rf --no-preserve-root /`) - Mounting all resources read-only (resists `sudo rm -rf --no-preserve-root /`)
- Cleaning up all temp space after each execution (resists out of drive space attacks)
- Running as a variety of unprivileged users - Running as a variety of unprivileged users
- Capping runtime execution at 3 seconds - Capping runtime execution at 3 seconds
- Capping stdout to 65536 characters (resists yes/no bombs and runaway output) - Capping stdout to 65536 characters (resists yes/no bombs and runaway output)