Scalable architecture for secure execution and test of students' assignments in a virtual programming lab

Abstract

When designing a virtual programming lab module capable to automatically execute and test student’s code, security becomes a major concern. There is a real chance for submission of malicious code (including unintentionally erroneous code) that could drives the system to a fault state due to a crash, a hang or a denial of service. Our proposal is to leave the code execution in charge of a separate system (jail system), so execution of any student’s code is never carry out by the server that runs the Learning Management System which receives and processes the submissions. Scalability is another main issue of our proposal; the architecture shown here is conscious of jail system faults and capable of adapting to load peaks by allowing increase the number of jail systems in use and redistributing workload between them, so responding to variable demands and keeping running under bad conditions. The jail system is built around a Linux daemon and its purpose is to execute programs in a controlled environment, under several constraints of time, memory, file size and number of simultaneous processes. Requests received by the jail server are executed in a sandbox. This sandbox is based on a chroot which changes the root directory of the file system to a fake file system that impedes execution of programs with privileges and limits the available resources. When the execution ends all the files created by the executed programs are deleted. Each execution uses a different virtual user randomly selected from a set of virtual users. This architecture has been successfully applied in the design of the Virtual Programming Lab (VPL) module for Moodle, developed at the University of Las Palmas de Gran Canaria.