Hacker Newsnew | comments | show | ask | jobs | submit login

I don't know if this is common knowledge or something, but how are all these companies implementing a secure way to execute arbitrary code? Sounds like a non-trivial thing to get right.



Usually there is some kind of sandboxing in place. That way you can limit what the code is allowed to execute. For e.g. in PHP you would probably use Runkit[1] for this.

1. http://php.net/manual/en/book.runkit.php

-----


Build a virtual machine, run it, have it output a single bit and destroy it.

If you can root their VM blind, without feedback, you win all the challenges.

-----




Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | DMCA | Apply to YC | Contact

Search: