I have been playing around with the playpen and discovered that I could issue commands from rust with Command like ls to look around the system and then cat some config files, etc.
Here is a Playpen link where you can find some examples.
So I just wanted to make sure that this is the intended behaviour and not some security issue. 
I now know that the server runs Arch Linux with an Intel® Xeon® CPU E5-2670 v2 @ 2.50GHz and is running perl 5, version 20, subversion 2 (v5.20.2) 
playpen is sandboxed with a tool call playpen so it should be fine.
Hopefully no one tries to misuse that sandbox as a spam sender…
Yeah I figured it was sandboxed because I could create new files in the working directory but they would get removed after the program exited. But better be safe than sorry 
Unlikely, as playpen only allows system calls from a whitelist and the whole socket family isn’t on there.
See playpen’s github for some docs on how the sandboxing works.
This topic was automatically closed 90 days after the last reply. New replies are no longer allowed.