Is it possible to design a compiler that can safely compile and run untrusted code?
As a practical example, I want to know how the online compilers are designed/programmed?(Like the one on codepad.org) Are they similar to our traditional day-to-day compiler. How they are hosted on servers?
This question is asked on stackoverflow:
How do sites like codepad.org and ideone.com sandbox your program
A short summary from the answers:
A more theoretical answer would be that it is possible to restrict all calls out of the program, (syscalls, function calls etc.), in a manner similar to how native client works, if you have control of the compiler (and even moreso, if you control the CPU and OS). For time and memory consumption, you can simply have have cut-offs that would kill the compilation process/running program. This should only leave you vulnerable to bugs in the compiler, runtime libs, and the OS/hardware level; which a VM can mostly eliminate the danger of.
How is the compiler built? The same way standard non-web compilers are built. Really, the web interface is just a interface to the compiler -- there's nothing fundamentally different about compiling a program submitted via the web vs submitted from the filesystem.
What would be fundamentally different would be if the service allowed you to compile and run the program on the server. Running untrusted code on the server poses some challenges (how do we do it securely?). If that's what you wanted to know about, Realz Slaw's answer should provide some more details about that aspect. But in your question you only asked about compiling, and there's nothing different about compiling.
