I'm looking into sandboxing techniques for running untrusted code, specifically for the same use case isolate was developed for (programming contests). I'm curious about a couple of things:
How does isolate compare to sandboxing techniques that employ Docker to run the programs in terms of security?
Would it be possible to set hard limits on CPU and memory usage for processes using isolate? e.g 512 MB of memory and 1 CPU per submission
I'm looking into sandboxing techniques for running untrusted code, specifically for the same use case isolate was developed for (programming contests). I'm curious about a couple of things:
How does isolate compare to sandboxing techniques that employ Docker to run the programs in terms of security?
Would it be possible to set hard limits on CPU and memory usage for processes using isolate? e.g 512 MB of memory and 1 CPU per submission