指定使用nobody用户进行编译，防止#include</etc/shadow>等情况的发生

部分情况下，include敏感文件可能造成信息泄露。这里设置一下用户权限。
2016-03-05 11:42:17 +08:00
parent 2a1db9fa67
commit cf2fc9df1a
2 changed files with 4 additions and 2 deletions
--- a/judge/client.py
+++ b/judge/client.py
@@ -91,7 +91,8 @@ class JudgeClient(object):
                                out_file=os.path.join(self._judge_base_path, str(test_case_id) + ".out"),
                                args=execute_command[1:],
                                env=["PATH=" + os.environ["PATH"]],
-                                use_sandbox=self._language["use_sandbox"])
+                                use_sandbox=self._language["use_sandbox"],
+                                use_nobody=True)
        if run_result["flag"] == 0:
            output_md5, r = self._compare_output(test_case_id)
            if r: