Well I was thinking of providing a simplified subset of the language which be converted into clojure syntax and then executed, that way I would hopefully not give them the full power of the language, but they would still get a reasonable scripting language. Only the keywords that I choose would be executed as they would be all that was recognised by my reader.
I wasn't considering running on a solaris although thank you for pointing that out. I personally find it odd that there aren't tools that can do the same in linux. How about a system where each user that is running a script gets a thread or thread pool, any script they run would be in that specific thread or thread pool. Can I limit that thread pool? I did a quick google and found clj-sandbox, http://github.com/Licenser/clj-sandbox. Any reason that wouldn't be sufficient? I'm a little worried when the code writer says he's failing in writing it. :S I'll need to poke around in it to see how it works. :) On Jul 13, 8:46 am, Mike Meyer <mwm-keyword-googlegroups. 620...@mired.org> wrote: > On Tue, 13 Jul 2010 08:29:00 +0200 > "Heinz N. Gies" <he...@licenser.net> wrote: > > > > > > > > > On Jul 13, 2010, at 2:44 , Folcon wrote: > > > > On Jul 13, 1:36 am, ngocdaothanh <ngocdaoth...@gmail.com> wrote: > > >>> Are there any ways to restrict how many resources a user has access to? > > > >> If you use Linux, you see /etc/security/limits.conf. > > > > That is useful and I will keep that in mind, however I was thinking of > > > application users, so they would login to the clojure application and > > > run scripts on it. Can they somehow be restricted? > > > > I will definitely consider running the app under a seperate user and > > > putting limits on that user as a whole. > > > Hi Falcon, > > yes and no, you can limit CPU usage by limiting execution time. Limiting > > memory usage of a specific code is hard at best and more goes towards the > > impossible corner - sadly, I try to do this myself for clj-sandbox and fail > > since about half a year :P. > > If you're on Linux, there's a sysctl you can use to cap the processes > various memory usages. However, that's on a per-process basis, so if > the user can fork, they can use more total memory than that. (Hmm - > maybe there's a per-user limit as well...) Not sure how you get to > sysctl's from the java world, though. > > If you're using Solaris, it has very good tools for limiting how much > memory and/or CPU % a "project" can use, where projects can be pretty > arbitrarily defined. If you're wanting to give people full access to > clojure as part of the deal (a "try clojure online" type thing), then > you can use solaris zones to create an environment that's isolated > from the rest of your system and having a maximum percentage of CPU > and memory available. > > <mike > -- > Mike Meyer <m...@mired.org> http://www.mired.org/consulting.html > Independent Network/Unix/Perforce consultant, email for more information. > > O< ascii ribbon campaign - stop html mail -www.asciiribbon.org- Hide quoted > text - > > - Show quoted text - -- You received this message because you are subscribed to the Google Groups "Clojure" group. To post to this group, send email to clojure@googlegroups.com Note that posts from new members are moderated - please be patient with your first post. To unsubscribe from this group, send email to clojure+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/clojure?hl=en
