CS50 Sandbox: Secure Execution of Untrusted Code

DSpace/Manakin Repository

CS50 Sandbox: Secure Execution of Untrusted Code

Citable link to this page

 

 
Title: CS50 Sandbox: Secure Execution of Untrusted Code
Author: Malan, David J.
Citation: Malan, David J. 2013. CS50 Sandbox: Secure execution of untrusted code. In Proceedings of the 44th SIGCSE Technical Symposium on Computer Science Education (SIGCSE '13). Denver, CO, March 2013, 141-146. New York: Association for Computing Machinery.
Full Text & Related Files:
Abstract: We introduce CS50 Sandbox, an environment for secure execution of untrusted code. Implemented as an asynchronous HTTP server, CS50 Sandbox offers clients the ability to execute programs (both interactive and non-interactive) written in any compiled or interpreted language in a tightly controlled, resource-constrained environment. CS50 Sandbox’s HTTP-based API takes files, command lines, and standard input as inputs and returns standard output and error plus exit codes as outputs. Atop CS50 Sandbox, we have built CS50 Run, a web- based code editor that enables students to write code in a browser in any language, whether compiled or interpreted, that’s executed server-side within a sandboxed environment. And we have built CS50 Check, an autograding framework that supports black- and white-box testing of students’ code, leveraging CS50 Sandbox to run series of checks against students’ programs, no matter the language of implementation. We present in this work the pedagogical motivations for each of these tools, along with the underlying designs thereof. Each is available as open source.
Published Version: 10.1145/2445196.2445242
Terms of Use: This article is made available under the terms and conditions applicable to Other Posted Material, as set forth at http://nrs.harvard.edu/urn-3:HUL.InstRepos:dash.current.terms-of-use#LAA
Citable link to this page: http://nrs.harvard.edu/urn-3:HUL.InstRepos:10745001
Downloads of this work:

Show full Dublin Core record

This item appears in the following Collection(s)

 
 

Search DASH


Advanced Search
 
 

Submitters