kit-sdq / programming-lecture-eclipse-artemis

Eclipse-Plugin for grading with the artemis project
Eclipse Public License 2.0

`Feature`: Secure way for executing (untrusted) students' code #191

Closed Shirkanesi closed 1 year ago

Shirkanesi commented 2 years ago

Is your feature request related to a problem? Please describe.

Sometimes it is necessary for tutors to execute submissions, e.g. because they cannot easily be tested automatically. However, executing code from an untrusted source is not the best idea. There should be some way to execute the code without really risking anything.

Describe the solution you'd like

We might consider adding a button to quickly launch the submission inside of a Docker container. This would probably be quite easy to implement (assuming Docker is installed) and provide a quite secure/sandboxed execution environment. However, while this will be perfectly possible for the programming lecture, this might be a problem for SWT, as I heard they might need JavaFX, which will probably be quite tricky to get working inside of Docker. Technically, Docker supports X11 forwarding natively on Linux and also on Windows when using WSLg (which in turn requires Windows 11, as [at time of writing] the Windows 10 kernel still lacks some features regarding GPU virtualization; there is an ongoing discussion about this support in Windows 10). There would also be a way around WSLg, but this would require some other software simulating an X server on Windows, which I don't really like.

EDIT: Got an idea which might move this issue even more into "future work" than it is right now: We could use guacamole server (as used in "webtop" to stream the GUI directly into a browser). I'll take a look at this.

Another option would be to use something like the SecurityManager (or the SDQ version used for tests in Artemis). However, this approach might become a problem since the SecurityManager is deprecated.

Maybe we could also "abuse" the dependency test we use anyway on every submission to create a warning if the submission uses any feature that might get dangerous. Yet I don't really like this approach either, since its protection strongly depends on the task setting strict boundaries regarding the allowed Java features, which will, again, be a problem with SWT.


I'm open to hearing other ideas on how to implement such a protection.
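
One way the Docker launch proposed in the comment above could be invoked for a console submission, as an added example (not code from the issue or from the plugin). The image name, the resource limits and the `/submission` layout are assumptions.

```shell
#!/bin/sh
# Added example: launch one compiled console submission in a locked-down container.
# Assumed (not from the issue): image name, resource limits, /submission layout.
DOCKER=${DOCKER:-docker}                        # set DOCKER=echo for a dry run
IMAGE=${SANDBOX_IMAGE:-eclipse-temurin:17-jre}  # assumed JRE image

# run_submission <classes-dir> <main-class>
run_submission() {
  sub_dir=$1
  sub_main=$2
  # The class name ends up on a command line: allow only identifier characters,
  # which also rejects a leading "-" that java would parse as an option.
  case $sub_main in
    ''|*[!A-Za-z0-9_.]*) echo "invalid main class" >&2; return 2 ;;
  esac
  [ -d "$sub_dir" ] || { echo "no such directory: $sub_dir" >&2; return 2; }
  sub_abs=$(cd "$sub_dir" && pwd) || return 2
  # --mount splits its value on commas, so refuse paths that contain one.
  case $sub_abs in
    *,*) echo "path must not contain a comma" >&2; return 2 ;;
  esac

  # No network; read-only root fs with a small noexec /tmp; no capabilities and
  # no setuid escalation; bounded processes, memory and CPU; unprivileged uid
  # ("nobody"); submission mounted read-only (it must be world-readable).
  "$DOCKER" run --rm -i \
    --network none \
    --read-only \
    --tmpfs /tmp:rw,noexec,nosuid,size=64m \
    --cap-drop ALL \
    --security-opt no-new-privileges \
    --pids-limit 128 \
    --memory 512m \
    --cpus 1 \
    --user 65534:65534 \
    --mount "type=bind,source=$sub_abs,target=/submission,readonly" \
    --workdir /submission \
    "$IMAGE" java -cp /submission "$sub_main"
}

# Usage: sh sandbox.sh build/classes edu.kit.Main
if [ "$#" -ge 2 ]; then
  run_submission "$1" "$2"
fi
```

This covers console programs only; the JavaFX/X11 case raised in the issue is not handled.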

majuwa commented 2 years ago

Thanks for starting the discussion. I think the security manager might temporarily be a good solution. At least to my knowledge, Artemis will also have the problem with the deprecation/removal of the security manager. It might be a good idea then to use the same approach as they do, if it is possible.

dfuchss commented 2 years ago

See also https://github.com/ls1intum/Ares/discussions/113