Skip to content
/ myrias Public

Arbitrary code execution server using Docker //in Rust//.

License

Notifications You must be signed in to change notification settings

iCrawl/myrias

This branch is 1 commit ahead of master.

Folders and files

NameName
Last commit message
Last commit date

Latest commit

ea1281f · Jan 20, 2023

History

81 Commits
Apr 30, 2021
Aug 3, 2019
Aug 10, 2019
Aug 3, 2019
Aug 5, 2019
Jan 20, 2023
Jan 20, 2023
Aug 5, 2019
Aug 5, 2019
Aug 10, 2019
Aug 10, 2019

Repository files navigation

Myrias

Arbitrary code execution server using Docker //in Rust//.

Setup (Linux only)

You have to install gVisor as a runtime for docker to provide an additional isolation boundary between the containers and the host kernel.

(
    set -e 
    wget https://storage.googleapis.com/gvisor/releases/nightly/latest/runsc
    wget https://storage.googleapis.com/gvisor/releases/nightly/latest/runsc.sha512
    sha512sum -c runsc.sha512
    sudo mv runsc /usr/local/bin
    sudo chown root:root /usr/local/bin/runsc
    sudo chmod 0755 /usr/local/bin/runsc
)

/etc/docker/daemon.json:

{
    "runtimes": {
        "runsc": {
            "path": "/usr/local/bin/runsc",
            "runtimeArgs": [
                "--network=none",
                "--overlay"
            ]
        },
        "runsc-kvm": {
            "path": "/usr/local/bin/runsc",
            "runtimeArgs": [
                "--platform=kvm",
                "--network=none",
                "--overlay"
            ]
        }
    }
}

You may have to create this file if it does not exist.

Installation

Archives of precompiled binares for Myrias will be available for Windows, macOS and Linux.

Linux binaries are static executables. Windows binaries are available built with Microsoft Visual C++ (MSVC).

Running

TBD

Motivation

  • Myriad: I just really can't read/write Haskell.

Endpoints

GET /languages

List of enabled languages.
Example response:

["rust", "typescript"]

POST /create_container

Creates a language container (if not already present).
JSON payload with language key.
The language is as in the name of a subfolder in the languages directory.
Example payload:

{ "language": "rust" }

POST /eval

Evaluate code.
JSON payload with language and code keys.
The language is as in the name of a subfolder in the languages directory.
Example payload:

{ "language": "rust", "code": "fn main() { println!(\"{}\", 1 + 1); }" }

Example response:

{ "result": "2\n" }

Errors with 404 if language is not found, 504 if evaluation timed out, or 500 if evaluation failed for other reasons.

GET /containers

List of containers being handled by Myrias.

POST /cleanup

Kill all containers, giving back the names of the containers killed.