Why are some commands blocked in Matlab Grader, e.g. system?

4 visualizzazioni (ultimi 30 giorni)
Piotr Kot
Piotr Kot il 19 Dic 2024
Modificato: Piotr Kot il 20 Dic 2024
When a Matlab Grader user uses certain commands in the solution, e.g.
path
system
then an error is returned:
Error: You may not use the command(s) path, system in your code

Accedi per rispondere a questa domanda.

Risposte (1)

colordepth
colordepth il 20 Dic 2024
Modificato: colordepth il 20 Dic 2024
MATLAB Grader restricts certain commands for the purpose of cheating prevention and security reasons. These commands can alter the system environment or execute system-level tasks, which could lead to potential misuse or unintended side effects.
For a related discussion on command restrictions in MATLAB Grader, see https://www.mathworks.com/matlabcentral/answers/2083228-the-run-command-does-not-work-in-garder.
  1 Commento
Piotr Kot
Piotr Kot il 20 Dic 2024
Modificato: Piotr Kot il 20 Dic 2024
I understand that this was the original intention. But it seems to me that it turned out as usual: Every user of the Matlab Grader system can run the system or run command, for example, in this way:
fprintf(fopen('try1.m','w'),"%s","system('ls -la')")
try1
Output:
ans =
16
total 24
drwxr-xr-x 2 matlab matlabgroup 4096 Dec 20 12:21 .
drwx------ 3 matlab matlabgroup 4096 Dec 20 12:20 ..
-rw-r--r-- 1 matlab matlabgroup 24 Dec 20 12:21 ScoringEngineSharedVariable1.m
-rw-r--r-- 1 matlab matlabgroup 57 Dec 20 12:21 solution.m
-rw-r--r-- 1 matlab matlabgroup 31 Dec 20 12:21 solutionTest.m
-rw-r--r-- 1 matlab matlabgroup 16 Dec 20 12:21 try1.m
ans =
0
Moreover, the Matlab Grader team commented the above code in the following way:
„The behavior explained through the reproduction steps is intended. The MATLAB session running within Grader operates within an isolated containerized instance. Logged-in users are permitted to run MATLAB functions, including commands that interact programmatically with the operating system and the MATLAB application. Therefore, executing the 'system' command does not introduce any additional risk to MATLAB Grader."
And in this situation I completely do not understand why attempts were made to block anything at all.

Accedi per commentare.

Categorie

Scopri di più su Use Content in an LMS Course in Help Center e File Exchange

Tag

Community Treasure Hunt

Find the treasures in MATLAB Central and discover how the community can help you!

Start Hunting!

Translated by