What I want to achieve: Players can share C++ source code, build in their machines as plugins, and run those plugins. However, how can I prevent malicious source code?
How CompileExplorer or other online compilers approach this? VM? docker? Downgrading privileges?
Maybe modifying clang? but where to start?
Thanks a lot!
As of today (2023) CE doesn't use containers, and I think around 2019 they moved from FireJail to nsjail. There's also still some legacy code that prevents running with switches that were once considered unsafe (eg clang plugins).