Open jhibberd opened 10 years ago
Bots being executed on the server should not be trusted. Bots should do little more than run computations in their own memory space. They should not access the filesystem, network, etc.
There are several potential solutions: http://en.wikipedia.org/wiki/Seccomp http://en.wikipedia.org/wiki/Security-Enhanced_Linux https://wiki.debian.org/SELinux
Bots being executed on the server should not be trusted. Bots should do little more than run computations in their own memory space. They should not access the filesystem, network, etc.
There are several potential solutions: http://en.wikipedia.org/wiki/Seccomp http://en.wikipedia.org/wiki/Security-Enhanced_Linux https://wiki.debian.org/SELinux