OLYMPIADS IN INFORMATICS, 2009, Vol. 3, 67-73
© Institute of Mathematics and Informatics,

ISSN 1822-7732

Using a Linux Security Module for Contest Security

Bruce MERRY

ARM Ltd 110 Fulbourn Road, Cambridge, CB1 9NJ, United Kingdom E-mail: bmerry@gmail.com

Abstract

The goal of a programming contest grading system is to take unknown code and execute it on test data. Since the code is frequently buggy and potentially malicious, it is necessary to run the code in a restricted environment to prevent it from damaging the grading system, bypassing resource constraints, or stealing information in order to obtain a better score.

We present some background on methods to construct such a restricted environment. We then describe how the South African Computer Olympiad has used a Linux Security Module to implement a restricted environment, as well as the limitations of our solution.

Keywords:

linux security module, programming contest, sandboxing


PDFTo preview full article text in PDF format click here

Get Free ReaderYou could obtain free Acrobat Reader from Adobe


Copyright © Olympiads in Informatics, Vilnius University Institute of Mathematics and Informatics, 2009