gpt4 book ai didi

security - assembly 安全

转载 作者:行者123 更新时间:2023-12-04 11:56:43 35 4
gpt4 key购买 nike

我目前正在为某些人提供程序集编译服务。他们可以在在线编辑器中输入汇编代码并进行编译。然后编译它时,代码通过ajax请求发送到我的服务器,编译并返回程序的输出。

但是,我想知道我可以做些什么来防止对服务器造成任何严重损坏。我对自己组装还很陌生,所以当他们在我的服务器上运行他们的脚本时有什么可能?他们可以删除或移动文件吗?有没有办法防止这些安全问题?

先感谢您!

最佳答案

看看http://sourceforge.net/projects/libsandbox/ .它专为在 linux 服务器上执行您想要的操作而设计:

This project provides API's in C/C++/Python for testing and profiling simple (single process) programs in a restricted environment, or sandbox. Runtime behaviours of binary executable programs can be captured and blocked according to configurable / programmable policies.

The sandbox libraries were originally designed and utilized as the core security module of a full-fledged online judge system for ACM/ICPC training. They have since then evolved into a general-purpose tool for binary program testing, profiling, and security restriction. The sandbox libraries are currently maintained by the OpenJudge Alliance (http://openjudge.net/) as a standalone, open-source project to facilitate various assignment grading solutions for IT/CS education.

关于security - assembly 安全,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/10820614/

35 4 0
Copyright 2021 - 2024 cfsdn All Rights Reserved 蜀ICP备2022000587号
广告合作:1813099741@qq.com 6ren.com