From cf2fc9df1abaaeb61d5ea6cf0e91f47b74030002 Mon Sep 17 00:00:00 2001 From: virusdefender <1670873886@qq.com> Date: Sat, 5 Mar 2016 11:42:17 +0800 Subject: [PATCH] =?UTF-8?q?=E6=8C=87=E5=AE=9A=E4=BD=BF=E7=94=A8nobody?= =?UTF-8?q?=E7=94=A8=E6=88=B7=E8=BF=9B=E8=A1=8C=E7=BC=96=E8=AF=91=EF=BC=8C?= =?UTF-8?q?=E9=98=B2=E6=AD=A2#include=E7=AD=89=E6=83=85?= =?UTF-8?q?=E5=86=B5=E7=9A=84=E5=8F=91=E7=94=9F?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit 部分情况下,include敏感文件可能造成信息泄露。这里设置一下用户权限。 --- judge/client.py | 3 ++- judge/compiler.py | 3 ++- 2 files changed, 4 insertions(+), 2 deletions(-) diff --git a/judge/client.py b/judge/client.py index da871c2..ac6309d 100644 --- a/judge/client.py +++ b/judge/client.py @@ -91,7 +91,8 @@ class JudgeClient(object): out_file=os.path.join(self._judge_base_path, str(test_case_id) + ".out"), args=execute_command[1:], env=["PATH=" + os.environ["PATH"]], - use_sandbox=self._language["use_sandbox"]) + use_sandbox=self._language["use_sandbox"], + use_nobody=True) if run_result["flag"] == 0: output_md5, r = self._compare_output(test_case_id) if r: diff --git a/judge/compiler.py b/judge/compiler.py index f39a62d..f4fc955 100644 --- a/judge/compiler.py +++ b/judge/compiler.py @@ -20,7 +20,8 @@ def compile_(language_item, src_path, exe_path, judge_base_path): max_memory=2000000000, args=compile_args, env=["PATH=" + os.environ["PATH"]], - use_sandbox=False) + use_sandbox=False, + use_nobody=True) compile_output_handler = open(compiler_output_file) compile_output = compile_output_handler.read().strip()