webserver codepad

What is the principle of the Codepad.org website?


I am wondering about the principle of the Codepad.org website (the principle of an online C compiler).

I think the principle follows these steps.

  1. The user submits the C code.

  2. The website sends it to GCC installed on the server.

  3. GCC compiles the code.

  4. GCC returns the strings and sends them to the website (web server).

  5. The web server returns the strings to the user.

Are those steps right? Then, how does it protect against malicious code, such as code that deletes all files from the server?


Solution

  • From http://codepad.org/about:

    Code execution is handled by a supervisor based on geordi. The strategy is to run everything under ptrace, with many system calls disallowed or ignored. Compilers and final executables are both executed in a chroot jail, with strict resource limits. The supervisor is written in Haskell.

    Also:

    Paranoia

    When your app is remote code execution, you have to expect security problems. Rather than rely on just the chroot and ptrace supervisor, I've taken some additional precautions:

    • The supervisor processes run on virtual machines, which are firewalled such that they are incapable of making outgoing connections.

    • The machines that run the virtual machines are also heavily firewalled, and restored from their source images periodically.
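As an added example (not codepad's or geordi's code, and not part of the original answer), the following C program shows the chroot-plus-resource-limits layer from the quote; the ptrace filtering and the VM/firewall layers are not shown. The limit values, `run_confined` and the `job_*` functions are assumptions made for illustration.

```c
/* Added example: chroot + rlimit layer only; all names and limits are assumed. */
#ifndef _DEFAULT_SOURCE
#define _DEFAULT_SOURCE
#endif
#include <signal.h>
#include <stdio.h>
#include <sys/mman.h>
#include <sys/resource.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <unistd.h>

/* Set soft and hard limit together so the child cannot raise it again. */
static int cap(int resource, rlim_t value) {
    struct rlimit rl = { value, value };
    return setrlimit(resource, &rl);
}

/* Run job() in a child under fixed limits. jail may be NULL (no chroot, for
 * unprivileged runs); chroot() itself requires root.
 * Returns the exit code, or -signal if the kernel killed the child. */
int run_confined(const char *jail, int (*job)(void)) {
    pid_t pid = fork();
    if (pid < 0) return -1000;
    if (pid == 0) {
        /* chdir("/") after chroot: otherwise the cwd still points outside. */
        if (jail && (chroot(jail) != 0 || chdir("/") != 0)) _exit(126);
        if (cap(RLIMIT_CPU, 1) ||              /* 1 s of CPU, then killed */
            cap(RLIMIT_AS, 256UL << 20) ||     /* 256 MiB address space */
            cap(RLIMIT_FSIZE, 0) ||            /* no file may grow */
            cap(RLIMIT_NOFILE, 16) ||          /* few descriptors */
            cap(RLIMIT_CORE, 0)) _exit(125);   /* no core dumps */
        _exit(job());  /* a real supervisor would drop root and execve() here */
    }
    int status;
    if (waitpid(pid, &status, 0) < 0) return -1000;
    return WIFSIGNALED(status) ? -WTERMSIG(status) : WEXITSTATUS(status);
}

/* Constructed sample jobs standing in for submitted programs. */
int job_ok(void)   { return 0; }
int job_spin(void) { volatile unsigned long n = 0; for (;;) n++; }
int job_hog(void) {   /* asks for 1 GiB, over the 256 MiB cap */
    void *p = mmap(NULL, 1UL << 30, PROT_READ | PROT_WRITE,
                   MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    return p == MAP_FAILED ? 3 : 0;
}

int main(void) {
    printf("ok=%d spin=%d hog=%d\n", run_confined(NULL, job_ok),
           run_confined(NULL, job_spin), run_confined(NULL, job_hog));
    return 0;
}
```

A negative result means the kernel terminated the child; a chroot alone does not contain a process that keeps root, which is why the quoted design layers ptrace and virtual machines on top.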