4

I'm currently working on an assignment in a cluster programming class. The class has been given an account on the cluster, so we can ssh in and do our work. The problem is that the one account is shared among everyone in the class. Each student just makes their own directory and works within it.

Obviously a problem is that students can just look at each others work and plagiarize. I don't want people to see my work until after the assignments have been submitted.

There are no version control systems on the cluster, so I can't just pull a repository from my own machine and work on the assignment, then push it and remove what's on the cluster each time I work.

What is the best way to prevent others from seeing my work? Ordinarily I'd just work on my own machine and then upload to the server when it is due. But because I don't have my own cluster, we all need to actually use the one account.

Yes, believe it or not this is actually a real world problem I am facing - not a hypothetical.

oadams
  • 2,335

5 Answers5

5

The real solution to this problem is to talk to your instructor to give you separate accounts, or to change the assignments to be group assignments. If he/she can't or won't do that then I would just ignore any plagiarizing attempts from other students. You don't lose anything when they copy your work, they lose.

That said, here is a way to keep your source code virtually inaccessible for anyone else.

you@local$ ssh shared@cluster "gcc -x c -o yourdir/secret -" < source.c

Note the dash at the end of the gcc command. That means gcc will read the source from stdin. This will compile source.c from your local machine to yourdir/secret on the cluster. The secret source code will never exist as a "real" file on the cluster. It will only exist as a stream in some buffer (in the sshd process, I assume).

If your code is not written in C then your will have to change the c in the -x c option. See here for more information about that.

Other students can still grab your compiled file and decompile that. To minimize even that risk you can delete the file right after compiling and executing.

you@local$ ssh shared@cluster "gcc -x c -o yourdir/secret - && yourdir/secret ; rm yourdir/secret" < source.c

If you are really paranoid you should make sure that you are executing the real gcc. Other students might write a wrapper around gcc, which saves the source code before compiling it, and place that wrapper in your path. You should also execute the real rm.

you@local$ ssh shared@cluster "/usr/bin/gcc -x c -o yourdir/secret - && yourdir/secret ; /bin/rm yourdir/secret" < source.c
Lesmana
  • 27,439
2

Afaik there is no way to effectively hide something to yourself.. You could hide your code in a deep chain of dot-folders, but as long as you can see it your classmates will see it too, because they are you. And if you want to work with your code you need to see it.

What you can do is setting up a similar system, e.g. install the same OS in a VirtualBox or on a separate machine (take care of the architecture), write your code only on this system, compile it and only copy the binaries to the cluster to submit them to the queue.
Your opponents still have access to the bytecode, but it's much harder to understand bits and bytes than C-sources ;-)

binfalse
  • 5,528
  • 4
  • 27
  • 28
1

The perfect answer would be encryption, but presumably if you can't pull data to/from your own computer, then you probably can't install any disk, volume or file encryption software.

That said, the teachers must know what they are doing and if they chose for you all to use a common space, there must be a reason behind it. Maybe it is to learn about trust and collaboration? Why not ask them?

EDIT: since you can pull data to and from the server, why not use rsync?

asoundmove
  • 2,495
  • I can pull data to and from the server, I just don't have permissions to install anything. – oadams Apr 25 '11 at 05:22
  • If gpg is installed already you could use that to encrypt the data. gpg comes built-in to many nix flavors (I'm assumong it's a nix) so it may be usable. A last resort would be to attempt obfuscation with some other standard utility like uuencode or base64 but that's not real security. – Andrew Lambert Apr 25 '11 at 07:38
1

You can't hide anything that happens on the cluster from the other students. Since they're not doing anything different at the authentication stage, from the system's point of view, everything is done by the same user who can observe his own processes, debug them and so on.

You can prevent other students from seeing your source code by compiling it on your machine and uploading only your binaries and launching scripts. If the server isn't running the same processor architecture as your PC, install a cross-compiler. Gcc is easy to compile as a cross compiler, there are fairly clear instructions bundled with the source code. You'll need to also have the development packages for any libraries your programs are linked with.

Once you've compiled the binaries on your machine, upload them to the server and run them. Other students will be able to grab your binaries, but decompiling them would be more work than doing the assignment, so that's not a major problem.

Here are example Makefile snippets that may be useful:

CC = /usr/local/bin/powerpc-linux-eabi-gcc

test: myprogram
        <myprogram ssh cluster 'cat >oadams; chmod +x oadams; trap "rm ./oadams" EXIT HUP INT TERM QUIT; time ./oadams'
Gilles 'SO- stop being evil'
  • 829,060
0

On the topic of encryption, if you're using vi or vim to edit your code, you could use vim's built-in encryption: vim -x myfile.c for new files.

Before vim 7.3 it is pretty easily breakable, but it will stop casual browsing at least.

Nick Knowlson
  • 101