Not if they're running linux. It's an interesting idea though! Food for thought.

If you do something like copy-on-write (for storage, and possibly for memory, too), it could be fairly light-weight.

Disclosure: I am working on XenServer.

That's neat. What I'd worry about is boot-up time. I let people compile and test their program with an AJAX button in the middle of taking a test. It's already 3-4 seconds before they get the result back, more delay would hurt.

With tasks queuing up as they already are, I might not be able to keep a fresh VM pre-warmed every time, either.

edit: The other factor is of course the prospective cost of a brand new configuration. Unless I find I can't prevent the current config from being breached and ephemeral VMs will fix it.

Check out U of T's Snowflock. Very fast VM cloning and destruction.

http://sysweb.cs.toronto.edu/snowflock

Hundreds of milliseconds, wow. Thanks!

Ach, I see now what eru meant by copy-on-write VMs.

Yes. Booting up every VM would take too long. Cloning them just before you execute the payload is the way to go.

(At least as long as you have a general purpose operating system. A special paravirtualised would probably not need to make much of a difference between booting and resuming. But that's only a theoretical musing for your circumstances.)

Many thanks for the tip.

This is my new plan of last resort if I can't prevent the current sandbox from failing.

Please keep me informed (matthias.goergens@gmail.com) on your progress, if you go this route. Thanks!

Will do!