diff options
| author |  ionite34 <[email protected]> | 2022-12-04 09:12:07 +0800 |
|---|---|---|
| committer | ionite34 <[email protected]> | 2022-12-04 09:12:07 +0800 |
| commit | 6ec4dd2d3026d1fe8e567b7eaf723d82811cdcf1 (patch) | |
| tree | 31f3090fcd9725199706e3f9a5a5931b38f6014d | |
| parent | Change Size to IntEnum, change usage in tests (diff) | |
Format readme newlines
| -rw-r--r-- | README.md | 14 |
1 files changed, 4 insertions, 10 deletions
@@ -70,28 +70,22 @@ NsJail is configured through [`snekbox.cfg`]. It contains the exact values for t ### Memory File System -On each execution, the host will mount an instance-specific `tmpfs` directory, -this is used as a limited read-write folder for the sandboxed code. There is no -access of any kind to other files or directories on the host system or container, -as only this new directory is mounted to NSJail. +On each execution, the host will mount an instance-specific `tmpfs` drive, this is used as a limited read-write folder for the sandboxed code. There is no access to other files or directories on the host container beyond the other read-only mounted system folders. Instance file systems are isolated, it is not possible for sandboxed code to access another instance's writeable directory. -The following options for the memory file system are configurable as options in -[gunicorn.conf.py](config/gunicorn.conf.py) +The following options for the memory file system are configurable as options in [gunicorn.conf.py](config/gunicorn.conf.py) * `memfs_instance_size` Size in bytes for the capacity of each instance file system. * `files_limit` Maximum number of valid output files to parse. * `files_timeout` Maximum time in seconds for output file parsing and encoding. * `files_pattern` Glob pattern to match files within `output`. -The sandboxed code execution will start with a working directory of `home`, and -a visible folder `output`. The user has read/write access to any path under `home`. +The sandboxed code execution will start with a working directory of `home`, and a visible folder `output`. The user has read/write access to any path under `home`. ``` /home |- output ``` -Files written to the `output` subfolder will be parsed and returned as -a list of `FileAttachment` objects in `EvalResult.files` from the `python3` function. +Files written to the `output` subfolder will be parsed and returned as a list of `FileAttachment` objects in `EvalResult.files` from the `python3` function. To send files to snekbox, it can be included as the `files` parameter of `python3`. |