Go to file
Brian Seymour 5ea7da87a1 set executor to executable 2019-06-11 00:00:56 -05:00
api add support for bash 2019-06-10 23:55:53 -05:00
lxc set executor to executable 2019-06-11 00:00:56 -05:00
tests update tests to include bash 2019-06-10 23:57:25 -05:00
var modify repo and docs for lxc only 2019-05-31 13:09:47 -05:00
.gitignore file locking 2018-11-02 00:21:22 -05:00
license poc work 2018-09-19 21:58:50 -05:00
readme.md fix path error 2019-05-31 15:57:46 -05:00

readme.md

Piston

Piston is the underlying engine for running untrusted and possibly malicious code that originates from from EMKC contests and challenges. It's also used in the Engineer Man Discord server via felix bot.

Installation

# clone and enter repo
git clone https://github.com/engineer-man/piston
cd piston/lxc

# install dependencies

# centos:
yum install -y epel-release
yum install -y lxc lxc-templates debootstrap libvirt

# everything else:
# not documented, please open pull requests with commands for ubuntu/debian/arch/macos

# start libvirtd
systemctl start libvirtd

# create and start container
lxc-create -t download -n piston -- --dist ubuntu --release bionic --arch amd64
./start

# open a shell to the container
./shell

# install all necessary piston dependencies
echo 'export PATH=/bin:/usr/bin:/usr/local/sbin:/usr/sbin:/sbin' >> /root/.bashrc
echo 'export PATH=$PATH:/root/.cargo/bin' >> /root/.bashrc
sed -i \
    's/http:\/\/archive.ubuntu.com\/ubuntu/http:\/\/mirror.math.princeton.edu\/pub\/ubuntu/' \
    /etc/apt/sources.list
apt-get update
apt-get -y install git tzdata nano \
    dpkg-dev build-essential python python3 \
    ruby nodejs golang php7.2 r-base mono-complete \
    nasm openjdk-8-jdk ubuntu-make bf
umake swift
ln -s /root/.local/share/umake/swift/swift-lang/usr/bin/swift /usr/bin/swift
curl https://sh.rustup.rs -sSf | sh
ln -s /root/.cargo/bin/rustc /usr/bin/rustc
rm -rf /home/ubuntu
chmod 777 /tmp
chmod 777 -R /root

# create runnable users and apply limits
for i in {1..150}; do
    useradd -M runner$i
    usermod -d /tmp runner$i
    echo "runner$i soft nproc 64" >> /etc/security/limits.conf
    echo "runner$i hard nproc 64" >> /etc/security/limits.conf
    echo "runner$i soft nofile 2048" >> /etc/security/limits.conf
    echo "runner$i hard nofile 2048" >> /etc/security/limits.conf
done

# leave container
exit

# optionally run tests
cd ../tests
./test_all_lxc

Usage

  • lxc/execute [language] [path] [arg]...

Supported Languages

Currently python2, python3, c, c++, go, node, ruby, r, c#, nasm, php, java, and brainfuck is supported.

Principle of Operation

Piston utilizes LXC as the primary mechanism for sandboxing. There is a small API written in Go which takes in execution requests and executes them in the container. High level, the API writes a temporary source and args file to /tmp and that gets mounted read-only along with the execution scripts into the container. The source file is either ran or compiled and ran (in the case of languages like c, c++, c#, go, etc.).

Security

LXC provides a great deal of security out of the box in that it's separate from the system. Piston takes additional steps to make it resistant to various privilege escalation, denial-of-service, and resource saturation threats. These steps include:

  • Disabling outgoing network interaction
  • Capping max processes at 16 (resists :(){ :|: &}:;, while True: os.fork(), etc.)
  • Capping max files at 256 (resists various file based attacks)
  • Mounting all resources read-only (resists sudo rm -rf --no-preserve-root /)
  • Capping runtime execution at 3 seconds
  • Capping stdout to 65536 characters (resists yes/no bombs and runaway output)
  • SIGKILLing misbehaving code

License

Piston is licensed under the MIT license.