feat: implement execution sandboxing for Java and Python; enhance security and add related environment configurations

Author: IanSkelskey

README.md

@@ -68,6 +68,17 @@ Then open:
 
 For local development details, environment variables, architecture notes, deployment, and contributor workflow, see [CONTRIBUTING.md](./CONTRIBUTING.md).
 
+## Execution Safety
+
+Browser-triggered Java and Python execution runs arbitrary user code on the relay host, so deployment defaults matter.
+
+- The Docker image is configured to require sandboxed execution and drops Java/Python child processes to a dedicated low-privilege OS user.
+- If the server is started as `root` without `EXEC_SANDBOX_UID` and `EXEC_SANDBOX_GID`, execution is now disabled by default. You can explicitly override that with `EXEC_ALLOW_UNSANDBOXED_ROOT=1`, but that is not recommended.
+- Local development on platforms without POSIX `uid`/`gid` privilege dropping can still run unsandboxed unless you require sandboxing with `EXEC_REQUIRE_SANDBOX=1`.
+- The app's Help -> About tab and the server health endpoint report whether execution is `Sandboxed`, `Unsandboxed`, or `Disabled`.
+
+This is a hardening step, not a full container-per-run sandbox. If you expose execution to untrusted users, isolate the relay further at the deployment level as well.
+
 ## What You Can Do
 
 - Create or join a room from the landing page in a few seconds.

server/Dockerfile

@@ -3,9 +3,15 @@ FROM node:20-slim
 # Install JDK and Python for interactive code execution
 RUN apt-get update && \
     apt-get install -y default-jdk-headless python3 && \
+    groupadd --system --gid 10001 collabexec && \
+    useradd --system --uid 10001 --gid 10001 --create-home --home-dir /home/collabexec collabexec && \
     rm -rf /var/lib/apt/lists/* && \
     javac -version && java -version && python3 --version
 
+ENV EXEC_SANDBOX_UID=10001
+ENV EXEC_SANDBOX_GID=10001
+ENV EXEC_REQUIRE_SANDBOX=1
+
 WORKDIR /app
 
 COPY package.json ./

server/exec/index.cjs

@@ -5,11 +5,19 @@ const {
   isPythonAvailable,
   getPythonRuntimeVersion,
 } = require('./runtimeRegistry.cjs');
+const {
+  getExecutionSandboxStatus,
+  isExecutionAllowed,
+  isExecutionSandboxed,
+} = require('./sandbox.cjs');
 
 module.exports = {
   handleExecConnection,
   isJavaAvailable,
   getJavaRuntimeVersion,
   isPythonAvailable,
   getPythonRuntimeVersion,
+  isExecutionAllowed,
+  isExecutionSandboxed,
+  getExecutionSandboxStatus,
 };

server/exec/processRunner.cjs

@@ -8,6 +8,7 @@ function runProcess(context) {
     command,
     args,
     cwd,
+    spawnOptions,
     files,
     ignoredDirs,
     ignoredExtensions,
@@ -22,6 +23,7 @@ function runProcess(context) {
   const child = spawn(command, args, {
     cwd,
     stdio: ['pipe', 'pipe', 'pipe'],
+    ...spawnOptions,
   });
   setActiveProcess(child);
 

server/exec/runtimes/java.cjs

@@ -63,6 +63,7 @@ const javaRunner = {
       files,
       entryPoint,
       tmpDir,
+      execSpawnOptions,
       runProcess,
       send,
       cleanup,
@@ -88,11 +89,18 @@ const javaRunner = {
     const mainClass = resolveMainClass(sourceByClass, entryPoint || 'Main');
     const outDir = path.join(tmpDir, '__out__');
     fs.mkdirSync(outDir, { recursive: true });
+    if (typeof execSpawnOptions?.uid === 'number' && typeof execSpawnOptions?.gid === 'number') {
+      fs.chownSync(outDir, execSpawnOptions.uid, execSpawnOptions.gid);
+      fs.chmodSync(outDir, 0o700);
+    }
 
     console.log(`[exec] Compiling ${javaFiles.length} Java file(s) in ${tmpDir}, main class: ${mainClass}`);
     send({ type: 'compile-start' });
 
-    const javac = spawn('javac', ['-d', outDir, ...javaFiles]);
+    const javac = spawn('javac', ['-d', outDir, ...javaFiles], {
+      cwd: tmpDir,
+      ...execSpawnOptions,
+    });
     let compileErr = '';
 
     javac.stderr.on('data', (data) => {
@@ -111,8 +119,9 @@ const javaRunner = {
       send({ type: 'compile-ok' });
       runProcess({
         command: 'java',
-        args: ['-cp', outDir, mainClass],
+        args: [`-Djava.io.tmpdir=${tmpDir}`, `-Duser.home=${tmpDir}`, '-cp', outDir, mainClass],
         cwd: tmpDir,
+        spawnOptions: execSpawnOptions,
         files,
         ignoredDirs: new Set(['__out__']),
         ignoredExtensions: new Set(['.class']),

server/exec/runtimes/python.cjs

@@ -55,6 +55,7 @@ const pythonRunner = {
       files,
       entryPoint,
       tmpDir,
+      execSpawnOptions,
       runProcess,
       send,
       cleanup,
@@ -94,8 +95,9 @@ const pythonRunner = {
 
     runProcess({
       command: pythonRuntime.command,
-      args: [...pythonRuntime.args, runtimeEntryPoint],
+      args: [...pythonRuntime.args, '-I', '-B', runtimeEntryPoint],
       cwd: tmpDir,
+      spawnOptions: execSpawnOptions,
       files,
       ignoredDirs: new Set(['__pycache__']),
       ignoredExtensions: new Set(['.pyc']),

server/exec/sandbox.cjs

@@ -0,0 +1,176 @@
+const fs = require('fs');
+const path = require('path');
+
+function parseOptionalInteger(value) {
+  if (value == null || value === '') {
+    return null;
+  }
+
+  const parsed = Number.parseInt(String(value), 10);
+  return Number.isFinite(parsed) ? parsed : null;
+}
+
+function readBooleanEnv(name, fallback = false) {
+  const value = process.env[name];
+  if (value == null) {
+    return fallback;
+  }
+
+  const normalized = String(value).trim().toLowerCase();
+  return normalized === '1' || normalized === 'true' || normalized === 'yes' || normalized === 'on';
+}
+
+function detectExecutionSandbox() {
+  const sandboxRequired = readBooleanEnv('EXEC_REQUIRE_SANDBOX', false);
+  const allowUnsandboxedRoot = readBooleanEnv('EXEC_ALLOW_UNSANDBOXED_ROOT', false);
+
+  if (process.platform === 'win32' || typeof process.getuid !== 'function') {
+    return {
+      enabled: false,
+      allowed: !sandboxRequired,
+      uid: null,
+      gid: null,
+      reason: 'POSIX uid/gid privilege dropping is unavailable on this platform',
+    };
+  }
+
+  if (process.getuid() !== 0) {
+    return {
+      enabled: false,
+      allowed: !sandboxRequired,
+      uid: null,
+      gid: null,
+      reason: 'Server is not running as root, so execution cannot be dropped to a separate OS user',
+    };
+  }
+
+  const uid = parseOptionalInteger(process.env.EXEC_SANDBOX_UID);
+  const gid = parseOptionalInteger(process.env.EXEC_SANDBOX_GID);
+  if (uid == null || gid == null) {
+    const allowed = sandboxRequired ? false : allowUnsandboxedRoot;
+    return {
+      enabled: false,
+      allowed,
+      uid: null,
+      gid: null,
+      reason: allowed
+        ? 'Server is running as root without a dedicated execution user'
+        : 'Server is running as root without a dedicated execution user. Configure EXEC_SANDBOX_UID and EXEC_SANDBOX_GID, or set EXEC_ALLOW_UNSANDBOXED_ROOT=1 to override',
+    };
+  }
+
+  return {
+    enabled: true,
+    allowed: true,
+    uid,
+    gid,
+    reason: `Execution runs as uid ${uid}, gid ${gid}`,
+  };
+}
+
+const executionSandbox = detectExecutionSandbox();
+
+if (executionSandbox.enabled) {
+  console.log(`[exec] Sandbox enabled - ${executionSandbox.reason}`);
+} else if (executionSandbox.allowed) {
+  console.warn(`[exec] WARNING: execution is not sandboxed - ${executionSandbox.reason}`);
+} else {
+  console.error(`[exec] Execution disabled - ${executionSandbox.reason}`);
+}
+
+function applyOwnership(targetPath, uid, gid) {
+  const stats = fs.lstatSync(targetPath);
+  if (stats.isSymbolicLink()) {
+    return;
+  }
+
+  fs.chownSync(targetPath, uid, gid);
+  if (stats.isDirectory()) {
+    fs.chmodSync(targetPath, 0o700);
+    for (const entry of fs.readdirSync(targetPath, { withFileTypes: true })) {
+      applyOwnership(path.join(targetPath, entry.name), uid, gid);
+    }
+    return;
+  }
+
+  fs.chmodSync(targetPath, 0o600);
+}
+
+function prepareExecutionWorkspace(tmpDir) {
+  if (!executionSandbox.enabled) {
+    return;
+  }
+
+  applyOwnership(tmpDir, executionSandbox.uid, executionSandbox.gid);
+}
+
+function buildExecutionEnv(tmpDir) {
+  if (process.platform === 'win32') {
+    return {
+      ...process.env,
+      HOME: tmpDir,
+      USERPROFILE: tmpDir,
+      TMPDIR: tmpDir,
+      TEMP: tmpDir,
+      TMP: tmpDir,
+    };
+  }
+
+  const env = {
+    PATH: process.env.PATH || '',
+    HOME: tmpDir,
+    TMPDIR: tmpDir,
+    TEMP: tmpDir,
+    TMP: tmpDir,
+    LANG: process.env.LANG || 'C.UTF-8',
+    LC_ALL: process.env.LC_ALL || process.env.LANG || 'C.UTF-8',
+  };
+
+  if (process.env.JAVA_HOME) {
+    env.JAVA_HOME = process.env.JAVA_HOME;
+  }
+
+  return env;
+}
+
+function getExecutionSpawnOptions(tmpDir) {
+  const spawnOptions = {
+    env: buildExecutionEnv(tmpDir),
+    windowsHide: true,
+  };
+
+  if (executionSandbox.enabled) {
+    spawnOptions.uid = executionSandbox.uid;
+    spawnOptions.gid = executionSandbox.gid;
+  }
+
+  return spawnOptions;
+}
+
+function isExecutionAllowed() {
+  return executionSandbox.allowed;
+}
+
+function isExecutionSandboxed() {
+  return executionSandbox.enabled;
+}
+
+function getExecutionSandboxStatus() {
+  if (executionSandbox.enabled) {
+    return `Sandboxed - ${executionSandbox.reason}`;
+  }
+
+  if (!executionSandbox.allowed) {
+    return `Disabled - ${executionSandbox.reason}`;
+  }
+
+  return `Unsandboxed - ${executionSandbox.reason}`;
+}
+
+module.exports = {
+  getExecutionSpawnOptions,
+  getExecutionSandboxStatus,
+  isExecutionAllowed,
+  isExecutionSandboxed,
+  prepareExecutionWorkspace,
+};

server/exec/session.cjs

@@ -4,6 +4,12 @@ const path = require('path');
 const WebSocket = require('ws');
 const { runProcess } = require('./processRunner.cjs');
 const { getRunner, resolveExecutionLanguage } = require('./runtimeRegistry.cjs');
+const {
+  getExecutionSandboxStatus,
+  getExecutionSpawnOptions,
+  isExecutionAllowed,
+  prepareExecutionWorkspace,
+} = require('./sandbox.cjs');
 const {
   sanitizeRelativePath,
   normalizeProjectFiles,
@@ -42,6 +48,11 @@ function handleExecConnection(ws) {
       return;
     }
 
+    if (!isExecutionAllowed()) {
+      send({ type: 'error', data: getExecutionSandboxStatus() });
+      return;
+    }
+
     tmpDir = fs.mkdtempSync(path.join(os.tmpdir(), 'collab-exec-'));
     const files = normalizeProjectFiles(message);
     const language = resolveExecutionLanguage(message, files);
@@ -60,10 +71,20 @@ function handleExecConnection(ws) {
     }
 
     writeProjectFiles(tmpDir, files);
+    try {
+      prepareExecutionWorkspace(tmpDir);
+    } catch (err) {
+      send({ type: 'error', data: `Failed to prepare execution sandbox: ${err.message}` });
+      cleanup();
+      return;
+    }
+
+    const execSpawnOptions = getExecutionSpawnOptions(tmpDir);
     runner.start({
       files,
       entryPoint: sanitizeRelativePath(message.entryPoint || message.mainClass || ''),
       tmpDir,
+      execSpawnOptions,
       runProcess,
       send,
       cleanup,

server/exec/workspace.cjs

@@ -46,6 +46,10 @@ function collectSyncedFiles(rootDir, originalFiles, ignoredDirs, ignoredExtensio
       const fullPath = path.join(directory, entry.name);
       const relativePath = relativePrefix ? `${relativePrefix}/${entry.name}` : entry.name;
 
+      if (entry.isSymbolicLink()) {
+        continue;
+      }
+
       if (entry.isDirectory()) {
         if (ignoredDirs.has(entry.name)) {
           continue;
@@ -54,12 +58,16 @@ function collectSyncedFiles(rootDir, originalFiles, ignoredDirs, ignoredExtensio
         continue;
       }
 
+      const stat = fs.lstatSync(fullPath);
+      if (!stat.isFile()) {
+        continue;
+      }
+
       const extension = path.extname(entry.name);
       if (ignoredExtensions.has(extension)) {
         continue;
       }
 
-      const stat = fs.statSync(fullPath);
       if (stat.size > 1024 * 256) {
         continue;
       }