[Edu-sig] chroot jail or sandbox?

[matthias@ccs.neu.edu]

If Python had followed the TeachScheme! strategy, you 
could sandbox the student programs by running the module
in the language that they are supposed to use. The 
languages are well-specified so that students can't write 
malicious code. Period. All code that could be malicious
comes from a TeachPack, written by you. 

The technology to make that work is to support modules that 
are written in different languages and link them together 
(also dynamically) as if they had been written in one language. 
The rest is a mixture of threads, resource containers, and 
externally controlled event spaces, but I suspect that Python
has these kinds of things. 

Works like a charm for 1000's of students, assuming you have a
big enough machine. 

-- Matthias