Security and Privacy

Theodor Moroianu edited this page Feb 24, 2021 · 1 revision

The whole idea behind the Fight-Bots project is compiling and running user-made code on our servers. Executing unknown code is rather dangerous (see RCE vulnerabilities). To avoid security issues, all the code we run on our servers is executed inside a custom-built jailer, which offers multiple advantages over alternative solutions like a virtual machine or Docker:

  • Much faster execution.
  • More control over execution permissions (time, memory, etc.).
  • Easier to integrate in our code.

Note that a deal-breaker is the ability to run inception-style, with one jailer nested inside another:

  • All the compilation jobs are run inside a jailer. This is mainly for avoiding recursive templates.
  • The grader is executed inside a jailer.
  • The grader itself starts the bots to evaluate them (so it creates a jailer managed by a process that is itself jailed).
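
The nesting described above can be illustrated with plain POSIX resource limits on Linux. This is an added example, not the Fight-Bots jailer's code (this page does not describe its internals): a jailed process acts as jailer for a further process, and the inner jail can only tighten the time and memory limits it inherited. The names `run_jailed`, `nested_limits` and `cpu_hog_is_stopped` and all limit values are assumptions.

```python
import resource
import subprocess
import sys

# Assumption: rlimits stand in for the jailer's time/memory controls.
REPORT = ("import resource as r; "
          "print(r.getrlimit(r.RLIMIT_CPU)[1], r.getrlimit(r.RLIMIT_AS)[1])")

def _clamp(kind, wanted):
    """A nested jail may only tighten: never exceed the inherited hard limit."""
    hard = resource.getrlimit(kind)[1]
    return wanted if hard == resource.RLIM_INFINITY else min(wanted, hard)

def run_jailed(argv, cpu_seconds, mem_bytes, wall_seconds=10):
    """Run argv under CPU-time and address-space caps; return (returncode, stdout)."""
    def apply_limits():  # runs in the child, after fork() and before exec()
        for kind, wanted in ((resource.RLIMIT_CPU, cpu_seconds),
                             (resource.RLIMIT_AS, mem_bytes)):
            value = _clamp(kind, wanted)
            resource.setrlimit(kind, (value, value))
    try:
        done = subprocess.run(argv, preexec_fn=apply_limits, capture_output=True,
                              text=True, timeout=wall_seconds)
        return done.returncode, done.stdout.strip()
    except subprocess.TimeoutExpired:
        return None, ""  # wall-clock backstop fired instead of the CPU limit

def nested_limits():
    """Outer jail (2 s CPU, 1 GiB) runs this file as an inner jailer asking for more."""
    _, out = run_jailed([sys.executable, __file__, "inner"], 2, 1 << 30)
    return [int(x) for x in out.split()]

def cpu_hog_is_stopped():
    """A busy loop under a 1 s CPU cap must be killed, not left running."""
    code, _ = run_jailed([sys.executable, "-c", "while True: pass"],
                         1, 1 << 30, wall_seconds=5)
    return code is None or code < 0  # negative returncode: killed by a signal

if __name__ == "__main__":
    if sys.argv[1:] == ["inner"]:
        # Inner jailer, itself jailed: requests 60 s / 4 GiB for the process it starts.
        print(run_jailed([sys.executable, "-c", REPORT], 60, 4 << 30)[1])
    else:
        print("limits seen by the innermost process:", nested_limits())
        print("CPU hog stopped:", cpu_hog_is_stopped())
```

The innermost process reports the outer jail's limits even though the inner jailer requested larger ones.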

From a privacy perspective, the only public information displayed about users is their username, in addition to whatever information they choose to share.
