Secure way to run other people code (sandbox) on my server?

Question

I want to make a web service that run other people code locally... Naturally, I want to limit their code access to certain \"sandbox\" directory, and that they wont be able

Answer 1

1. Running under unprivileged user still allows a local attacker to exploit vulnerabilities to elevate privileges.
2. Allowing to execute code in a VM can be insecure as well; the attacker can gain access to host system, as recent VMWare vulnerability report has shown.

In my opinion, allowing running native code on your system in the first place is not a good idea from security point of view. Maybe you should reconsider allowing them to run native code, this will certainly reduce the risk.