Recently became interested in how various contests is controlled by the behavior of the program participants? No, of course it is clear that the participants themselves (in the case of breach is usually suspended), but from a programmatic point of view. For example: the prohibition on the network, file system, processes, etc. i.e. you can only read/output to stdin/stdout, to allocate some memory and call standard functions (libc).
In this issue may be resolved by adding if'and all system calls (the kernel patch). But it is under Linux.
Question — how do you spell this kind of "sandbox" under Windows? Starting from the guest solves a lot of problems, and to climb quite difficult. But I want a complete solution. In what side to dig, what to read, is there documented methods. Ready program is, but I want to collect at least some Bicycle with your hands.