[Karliss]

From a quick glance it looked quite worrying, many red flags. I didn't look too carefully so some of this might be wrong or I missed where it's done.

* Results from the untrusted part inside container are returned using pickle. Which can be used to achieve arbitrary code execution outside container.

* no time limiting

* no memory limiting

* Untrusted code is run as root in the container which by default is same user as root outside container. From what I understand it isn't as bad as it was in earlier docker versions but still not great.

* untrusted code is run in the same process as semitrusted run_lang code, which means that the untrusted code with little bit of effort can manipulate reported execution time and memory usage

* for some languages correct_output is copied into the untrusted execution environment which means that solution could potentially just read the correct answers instead of calculating themselves

* none of the default capabilities are dropped which is probably more than what solution needs

* solution can freely create new files

[PolarizedPoutin]

Thank you so much for taking a look and letting us know!

Definitely not surprised that there are many security vulnerabilities...

I'm a grad student in computational science working on this as a hobby so building and securing websites is not something I know much about.

But now that someone is actually using it, I will take security more seriously.

Once I have some time I'll open a GitHub issue and compile a list of the security vulnerabilities you listed and will learn how to fix them.

This should be a good learning opportunity!

[pvg]

This should be a good learning opportunity!

That's a good attitude to have but people are probably going to take over your host[s], vandalize your site and run up your bills long before you get a chance to do all the necessary learning. I don't think your current approach is actually all that easy to secure.

[PolarizedPoutin]

I'm open to suggestions and advice if you have any.

This website is a free open-source side project and not business critical.

[pvg]

I don't have anything particularly concrete but I'd say find an open source implementation of something similar that has had a track record of running without too much incident and carefully copy its implementation, design and configuration.

[Karliss]

My suggestions are:

Disable ability to make submissions until you have more solid plan

Decide what is your goal. Do you want to make a judge system, do you want create tasks or do you want a platform with specific kind of tasks.

Get in touch with people involved in ICPC an IOI contests in your country. Even if you are not interested in those kind of algorithm tasks, there will be some people who are familiar with similar existing systems and could point you in the right direction.

Assuming your primary goal isn't to make a judge system itself, some other options are: * Evaluate the existing online judge systems. There are some open source ones like DOMjudge(https://www.domjudge.org/), CMS(https://cms-dev.github.io/index.html) and others . Consider if you reuse or extend them to suite your desired format. In the worst case maybe just the execution part can be reused. At least learn from their experience and mistakes creating and maintaining such systems.

* Many programming languages now have online REPL environments. Some of them open source. This is one more source of projects that provide sandboxed execution.

* If you have some budget, there are platforms that provide sandboxed exection as service oriented at your exact use case. Some examples are Sphere Engine https://sphere-engine.com/enterprise used by Sphere online judge and Kattis .

There a lot more different platforms with different style of programming tasks than what you listed in your FAQ. Some of looking for problem setters. Maybe one of them fits your type of tasks more. Or it can be a one off contest with slightly unusual problem set. Or maybe it can be a separate category on their system and you can advertise this category on your website.

[PolarizedPoutin]

Thanks for the suggestion. Thread is too deep to reply to your actual message, but I will look around to see how other "online judge" software run arbitrary code securely.

There's probably some low hanging fruit in configuring Docker properly.