I have long had this curiosity.
Suppose I run a web/servlet container (such as Tomcat), and I permit other users to host their web content under their user directory, etc. How does one go about preventing malicious activity by the arbitrary users? For example, as a user of such a service, I could simply open a file for write on the server machine and start writing whatever I wanted.
I can think of two possible solutions:
1) Manual inspection of code before it is permitted to be hosted; laborious and error-prone.
2) Install a SecurityManager on the container that only permits a set of restricted operations; potentially error-prone.
Just how is it usually done?
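As an added illustration of option 2 (this is example code written for this page, not from the question, from Tomcat, or from any project), the stand-alone program below installs a SecurityManager and then runs a piece of code with nothing but read access to a single directory, the same confinement a container would apply to a user's servlet. The class name `SandboxDemo`, the `runSandboxed` helper, the temporary directory and the chosen permission set are assumptions made for the demo. The host code keeps all permissions through a permissive `Policy`; the "untrusted" task is stripped down to the sandbox permissions by running it under a limited `AccessControlContext`, so its attempt to open a file for writing is refused with a `SecurityException` while a read of its own directory succeeds. In a real container the untrusted code would sit in its own class loader and `ProtectionDomain` and the grants would be keyed on its code base (in Tomcat, `codeBase` entries in `catalina.policy` for each webapp's `WEB-INF/classes` and `WEB-INF/lib`, activated with `catalina.sh run -security`).

```java
import java.io.File;
import java.io.FileWriter;
import java.io.FilePermission;
import java.io.IOException;
import java.nio.file.Files;
import java.security.AccessControlContext;
import java.security.AccessController;
import java.security.CodeSource;
import java.security.Permission;
import java.security.PermissionCollection;
import java.security.Permissions;
import java.security.Policy;
import java.security.PrivilegedAction;
import java.security.ProtectionDomain;
import java.security.cert.Certificate;

// Demo class: the "container". Assumed name; not Tomcat code.
public class SandboxDemo {

    // Host policy: everything the container's own code does is allowed.
    // Untrusted code never reaches this policy because it runs in a static
    // ProtectionDomain whose permissions are fixed at construction time.
    static final class HostPolicy extends Policy {
        @Override
        public boolean implies(ProtectionDomain domain, Permission permission) {
            return true;
        }
    }

    // Runs `task` with only the permissions in `granted`. The limited domain is
    // intersected with the caller's permissions on every check, so the task can
    // never do more than `granted` allows, whoever calls it.
    static void runSandboxed(Runnable task, PermissionCollection granted) {
        ProtectionDomain limited = new ProtectionDomain(
                new CodeSource(null, (Certificate[]) null), granted);
        AccessControlContext ctx =
                new AccessControlContext(new ProtectionDomain[] { limited });
        AccessController.doPrivileged((PrivilegedAction<Void>) () -> {
            task.run();
            return null;
        }, ctx);
    }

    public static void main(String[] args) throws IOException {
        // Constructed sample input: a throwaway "user home" with one page in it.
        File home = Files.createTempDirectory("userhome").toFile();
        File page = new File(home, "index.html");
        Files.writeString(page.toPath(), "<h1>hello</h1>");

        // Policy first, then the manager; setPolicy needs no permission before
        // a SecurityManager exists. (JDK 18-23 need -Djava.security.manager=allow;
        // JDK 24 removes the SecurityManager entirely.)
        Policy.setPolicy(new HostPolicy());
        System.setSecurityManager(new SecurityManager());

        // The sandbox: recursive read on the user's own directory, nothing else.
        Permissions sandbox = new Permissions();
        sandbox.add(new FilePermission(home.getPath() + File.separator + "-", "read"));

        // 1. Reading inside the granted directory is allowed.
        runSandboxed(() -> {
            try {
                System.out.println("read ok: " + Files.readString(page.toPath()));
            } catch (IOException e) {
                throw new RuntimeException(e);
            }
        }, sandbox);

        // 2. Writing is refused, even inside that same directory.
        try {
            runSandboxed(() -> {
                try (FileWriter w = new FileWriter(new File(home, "evil.txt"))) {
                    w.write("should never be written");
                } catch (IOException e) {
                    throw new RuntimeException(e);
                }
            }, sandbox);
            System.out.println("BUG: sandboxed write succeeded");
        } catch (SecurityException e) {
            System.out.println("write denied: " + e.getMessage());
        }

        // 3. Host code outside the sandbox still has its full permissions.
        Files.writeString(new File(home, "host.txt").toPath(), "written by the container");
        System.out.println("host write ok");
    }
}
```

Compile and run with `javac SandboxDemo.java && java SandboxDemo` (add `-Djava.security.manager=allow` on JDK 18 to 23). Two caveats a practitioner should keep in mind: a SecurityManager only mediates the checks the JDK and the container remember to make, so it does nothing against CPU or memory exhaustion and has historically been bypassed through JDK bugs, and it is deprecated for removal (JEP 411) and permanently disabled in JDK 24 (JEP 486). Hosting providers therefore usually lean on OS-level separation instead: one container process per user, or at least a dedicated OS account, filesystem quotas and resource limits, with a Java policy as an extra layer rather than the only one.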