Safe Execution in Ruby

Question

I am trying to make a website where people can run there uploaded code. Something like SPOJ / ACM. How do I make sure that code doeesn't damage my system ( restricting access to sockets , system calls )

I have look around many solution on net, some suggested chroot but I don't understand. Also this require config, can this be done with config etc.

Note I am not asking for any particular language, running in executable.

My development setup is MAC and Linux for hosting, it would nice if solution can run on both. Not a requirement.

Answer 1

I would suggest that using a Virtual machine that had the bare minimum of a system, to allow only ruby to run and nothing else. I would use a linux system where you can lock down the execution of programs to a greater degree, with extended permissions.

finally after each program has been run, then reset the virtual machine to a checkpoint pristine setup, so wiping any accidents that may have occurred.