Skip to content
This repository was archived by the owner on May 26, 2025. It is now read-only.

alerighi/tabox

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

108 Commits
.github/workflows
.github/workflows
 
 
src
src
 
 
.gitignore
.gitignore
 
 
Cargo.lock
Cargo.lock
 
 
Cargo.toml
Cargo.toml
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 

Repository files navigation

WARNING

This project is no longer maintained.

Please submit issues and pull requests to the maintained fork at olimpiadi-informatica/tabox.

tabox

Docs crates.io

A minimal program to securely execute untrusted executables in a sandboxed environment.

Featres:

  • measure and limit accurately the usage of the following resources:
    • CPU time in nanoseconds (both user, system)
    • memory usage (maximum residente set size - RSS) in bytes
    • wall time
  • doesn't require root privileges (altough it requires user namespaces enabled, something that some distributions disable by default)
  • dedicated filesystem for the sandbox with the possibility to bind-mount directories on the local filesyste, both read-only and read-write
  • works also on macOS, altough in that system no real sandboxing is done and some features are not available (e.g. bind mounts)

This sandbox is currently used by task-maker-rust to securely execute user submissions.

License: MPL-2.0

About

Sandbox for task-maker and TuringArena

Resources

Readme

License

MPL-2.0 license
Activity

Stars

7 stars

Watchers

3 watching

Forks

6 forks
Report repository

Releases 1

1.3.2 Latest
May 11, 2024

Packages

No packages published

Contributors 5

Languages