tabox
| Crates.io | tabox |
| lib.rs | tabox |
| version | 1.3.4 |
| source | src |
| created_at | 2019-11-29 18:45:52.092359 |
| updated_at | 2024-11-10 14:23:28.223941 |
| description | A sandbox to execute a program in an isolated environment and measure its resource usage |
| homepage | https://alerighi.github.io/tabox |
| repository | https://github.com/alerighi/tabox |
| max_upload_size | |
| id | 185362 |
| size | 102,979 |
Filippo Casarin (Virv12)
documentation
https://docs.rs/tabox
README
tabox
A minimal program to securely execute untrusted executables in a sandboxed environment.
Featres:
- measure and limit accurately the usage of the following resources:
- CPU time in nanoseconds (both user, system)
- memory usage (maximum residente set size - RSS) in bytes
- wall time
- doesn't require root privileges (altough it requires user namespaces enabled, something that some distributions disable by default)
- dedicated filesystem for the sandbox with the possibility to bind-mount directories on the local filesyste, both read-only and read-write
- works also on macOS, altough in that system no real sandboxing is done and some features are not available (e.g. bind mounts)
This sandbox is currently used by task-maker-rust to securely execute user submissions.
License: MPL-2.0