Allow setting sandbox parameters per-language, make sandbox more restrictive #1545
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
…rictive * Don't put /etc in the sandbox by default, only include the parts of /etc that are necessary for specific languages (except for pascal...) * Don't use preserve_env=True for compilation sandboxes, instead set PATH to a reasonable value manually.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This implements one part of #1480 and is necessary for supporting dotnet (#1243).
I call configure_compilation_sandbox and configure_evaluation_sandbox as late as possible, to allow languages to override the general parameters if needed. None of them need that currently, but it might be useful in the future.
Note that TwoSteps doesn't actually call configure_evaluation_sandbox, but then again it never even called get_evaluation_commands in the first place...