In Process Sandbox

To run the compiled code quickly, Jeed loads it into the current JVM process. Since the submitted code is untrusted, Jeed takes measures to confine each task, securing the process and other confined tasks from it. There are three categories of concerns:

1. Confined tasks must not be able to perform privileged operations to manipulate the host machine.
2. Confined tasks must completely stop after reaching the configured timeout.
3. Confined tasks must not be able to ruin the environment for other tasks.

Java security

TODO!

Bytecode transformation

TODO!