Schoco is a school-focused coding IDE workflow with automated tests. The main risk is untrusted code execution and assignment pipeline abuse.
- Run test/execution workers in isolated containers/VMs.
- Block host-level privileges and privileged mounts.
- Restrict outbound network access from execution workers.
- Reset execution environment per submission.
¶ 2) Protect assignment and grading controls
- Restrict who can create/edit assignments and tests.
- Require authentication for teacher/admin access.
- Audit grading changes and assignment publishing actions.
- Disable public project access unless explicitly required.
- Keep Schoco dependencies and runtime updated.
- Use HTTPS for all user and API traffic.
- Encrypt backups containing submissions and grades.
- Monitor for abusive submission bursts and resource exhaustion.
- Schoco source repository: https://github.com/PhiTux/schoco
Any questions?
Feel free to contact us. Find all contact information on our contact page.