I am currently starting a project evaluating untrusted programs (student assignments) in a secure sandbox environment. The main idea is to create a web app for GlassFish and a Java wrapper around lxc-utils to manage LXC containers. It'll have a queue of waiting programs, and the Java wrapper will maintain a fixed number (pool) of LXC containers, assigning each program one (unused) container.
Each container should be secured with SELinux to protect the host system.
My question is: is it a good idea to create such a mechanism for a sandbox environment, or are there any better-fitting solutions to this problem? It should be light and secure against student creativity.
Best Answer
You didn't write why you chose LXC, as it's not the most secure virtualization solution. I'm a heavy user of KVM/XEN and also LXC, and I can say this one thing: when it comes to security I never go with Linux containers (no matter if LXC / OpenVZ / VServer). It's just easier (and more reliable) with KVM/XEN.
If it's about performance or hardware requirements then OK - you can try with LXC, but there are some rules you should follow:
Start by reading this - it's quite old, but still - there's much knowledge there. And also - meet user namespaces.
And after all of that, think again - do you really have that much time to play with LXC security? KVM is just so much simpler...
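As an added example (not code from the question or the answer), a small Python audit of two container settings the thread touches on: the `lxc.idmap` user-namespace mappings, so that root inside the container is an unprivileged uid/gid on the host, and an `lxc.selinux.context` label. The key names are the LXC 3.x config keys; the two sample configs and the SELinux label in them are constructed for illustration.

```python
"""Audit an LXC container config for the isolation settings discussed above:
lxc.idmap (user namespaces) so container root is unprivileged on the host,
and lxc.selinux.context so the container runs under an SELinux label."""

from collections import defaultdict


def parse_lxc_config(text):
    """Parse 'key = value' lines into {key: [values]}; keys may repeat."""
    conf = defaultdict(list)
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#") or "=" not in line:
            continue
        key, _, value = line.partition("=")
        conf[key.strip()].append(value.strip())
    return conf


def audit_lxc_config(text):
    """Return a list of findings; an empty list means both checks passed."""
    conf = parse_lxc_config(text)
    findings = []
    mapped = {}  # "u" / "g" -> host id that container id 0 is mapped to
    for entry in conf.get("lxc.idmap", []):
        kind, cont_id, host_id, count = entry.split()  # e.g. "u 0 100000 65536"
        if int(cont_id) == 0 and int(count) > 0:
            mapped[kind] = int(host_id)
    for kind, label in (("u", "uid"), ("g", "gid")):
        if kind not in mapped:
            findings.append(f"no lxc.idmap entry for container {label} 0: root stays host root")
        elif mapped[kind] == 0:
            findings.append(f"lxc.idmap maps container {label} 0 onto host {label} 0")
    if not conf.get("lxc.selinux.context"):
        findings.append("no lxc.selinux.context set")
    return findings


# Constructed sample configs (not taken from the original page)
PRIVILEGED_CONF = """
lxc.rootfs.path = dir:/var/lib/lxc/grader01/rootfs
lxc.uts.name = grader01
"""
UNPRIVILEGED_CONF = """
lxc.rootfs.path = dir:/var/lib/lxc/grader01/rootfs
lxc.uts.name = grader01
lxc.idmap = u 0 100000 65536
lxc.idmap = g 0 100000 65536
lxc.selinux.context = system_u:system_r:lxc_t:s0:c62,c89
"""

if __name__ == "__main__":
    for name, conf in (("privileged", PRIVILEGED_CONF), ("unprivileged", UNPRIVILEGED_CONF)):
        print(name, audit_lxc_config(conf) or ["ok"])
```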