Question Authors' Forum

Java security

 
Picture of Vladimir Ilyin
Java security
by Vladimir Ilyin - Friday, 4 November 2016, 7:06 AM
 

We work with very gifted students
(some of them are).

And they can do... everything.

So I want to deny net and file activity of their java code.
What is the simpliest (right) way to do that?

Picture of Peter Sander
Re: Java security
by Peter Sander - Friday, 4 November 2016, 10:02 AM
 

Certainly not the right way, but by far the simplest (until the students catch on)...

In the question prototypes I've set up (in another forum thread), the only imported packages are java.util and java.util.stream. OTOH, nothing to stop them using java.net or java.nio or whatever classes by their complete name :^( . I suppose one could filter their answers for given package name occurrences in class names and raise a fuss.


Picture of Richard Lobb
Re: Java security
by Richard Lobb - Friday, 4 November 2016, 9:04 PM
 

You should Firewall the Jobe server to prevent student jobs opening connections to any other machines. If the Jobe server is on a separate machine (strongly recommended) you should also configure the firewall to prevent access from anywhere except the Moodle server. See the section "Securing by means of a firewall" in the Jobe install instructions for more details. If firewalled in that way, student jobs shouldn't be able to do anything dangerous on the net.

I personally have a more relaxed attitude towards file activity - the student jobs can't do anything from within Jobe that they couldn't do if you gave them a login on the Jobe machine. [In our Department, all students have Linux logins.] But if you're nervous about that, too, you can either do simple things like Peter suggests or you can figure out how to use the Java Security Manager. I can't help with the latter, myself.

Richard

Picture of Vladimir Ilyin
Re: Java security
by Vladimir Ilyin - Saturday, 5 November 2016, 12:31 AM
 
I do not understand what twig is very well.
What does e(java) or e(py) exectly do?


I understand, It is a filter of user answer.
Can I use that to filter students java code for 
ininappropriate classes? Write my own scripts?

How to use the Java Security Manager?
Is it possible to add command line options to lunch 
java code with them?


Of course, I can use Python-questions and strip code before launch,
but I need to be sure if it is save to put student code
in multiline string (int triple quotes).


Picture of Richard Lobb
Re: Java security
by Richard Lobb - Monday, 7 November 2016, 8:09 PM
 

e(py) and e(java) are the filters that escape strings in a language-dependent way such that assignment statements like

String s = "{{ STUDENT_ANSWER | e('java')}}"  // Java
s = """{{ STUDENT_ANSWER | e('py') }}"""  # Python (edit: added missing terminators)

will give you a valid string containing the given template parameter (in this case whatever code the student submitted).

You can't really do anything else with them.

I can't help you with the Java Security Manager as I've never used it.

I'm not sure what you mean by adding command line options to lunch (launch?) java code.

Richard


Picture of Vladimir Ilyin
Re: Java security
by Vladimir Ilyin - Tuesday, 8 November 2016, 4:12 AM
 

CodeRunner has parameter Sandbox-Option
So we can run java programs with  -Djava.security.manager But it has not work for me.

But we can use SecurityManager this way 

public class __Test__ {
    static{
        System.setSecurityManager(new SecurityManager());
    } //... }
{{ STUDENT_ANSWER | replace({'public class ': 'class '}) }}

I think this code is safe enough.

Аnd it is a very weak protection disallow imports, but we cal filter any using of standart packages by twig replace function.

Hope this information will be useful for somebody.