It's an online compiler IDE tool for anyone who finds them useful. Its was initially built with code mirror and ideone APIs.
Java, Python, C, C++ and others
These languages run on linux. For some languages compiler parameters is being supplied.
C++ (gcc) - g++ (g++ -Wall -std=c++11 -O2)
C++ (clang) - clang (clang++ -Wall -std=c++11 -O2)
C (gcc) - gcc (gcc -Wall -std=gnu99 -O2)
C (clang) - clang (clang -Wall -std=gnu99 -O2)
Java - Oracle's implementation of Java
Your code will be run on behalf special user and group. Also your code will be executed from Python wrapper
which sets various limits to the process. It does so by using 'setrlimit' system call. You'll have max 30 sec
to compile, max 5 sec of cpu time to run, limited memory (~1500 Mb) and other restrictions will apply
(like no writing permissions). Also your process and all its children will be run in a newly created process
group which will be terminated after 10 seconds from start if still running.
Everything that will be submitted as input will be piped to process via stdin stream. So your code should consume input as if it came from keyboard.
About System Security
We don't claim that this is secure. In many senses you'll have the power of special user.
On a bright side, this has some useful side-effects. The reason why, at least for now,
we leave so many potential security breaches is because it's hard to make it really secure. What are the options?
Codepad seems to 'ptrace' everything and disallow many system calls, for example, 'fork()'. That's pretty restrictive.
Apparmor - out of everything we tried, this did the job pretty well and it was rather easy to configure. But it doesn't work with OpenVZ virtualization that is used by server provider.
SELinux - stopped reading documentation in the middle of it. Too (unnecessarily?) complex.
Native security mechanisms - like chroot and file permissions. Hard to make it secure this way without breaking the service and the system.
Chromium sandboxes that exist both for windows and linux. These sandboxes run chrome's page renderers and probably quite secure. Drawbacks are: hard to setup and possibly too limiting (however this needs to be verified)
So, In this coding world nothing is secure because it doesn't matter how much the system is secured, it always contain a weak point because there is a theory which i
believe that "if one Gate closes then Somewhere other Opens" means if 0 (zero) exist then there is always be the possibility that 1 (one) exist.