7

I am trying to reproduce an API for executing Java (like ideone.com has), but so far I'm having a lot of difficulties running Java sandboxed (SELinux sandbox doesn't work).

I've heard about the SecurityManager, but I'm trying to figure out what's the easiest way to run Java code in a sandbox (kind of like a Java applet running in the browser), instead of writing my own jail server using the SecurityManager.

explunit
  • 18,967
  • 6
  • 69
  • 94
Ron Reiter
  • 3,852
  • 3
  • 30
  • 34
  • 1
    what about this answer, seems like that's you need?: http://stackoverflow.com/questions/9192493/how-to-run-java-code-in-a-restricted-sandbox-without-network-filesystem-access – Stas May 30 '13 at 16:07

2 Answers2

1

The SecurityManager is designed for this purpose. You'll need to create a policy file to restrict access, as described here: Policy Files, then enable it at runtime for just the code you're trying to sandbox.

Richard Wilkes
  • 309
  • 2
  • 10
1

You might want to take a look at the java-sandbox project [1] which aims at providing a simple interface to execute untrusted code.

[1] http://blog.datenwerke.net/p/the-java-sandbox.html

Arno Mittelbach
  • 952
  • 5
  • 12