Restricting the permissions of Java, C++ and Python programs.

Original (English):

restrict permissions on a java, c++, python program

Question

Suppose I have to run a Java, C++ or Python 3.8 program on my machine, but I do not want these programs to access my system information, run OS commands or perform any malicious activity. Is there a way to achieve this for each of the three languages?

Original (English):

Suppose I have to run a java, c++, or python3.8 program on my machine, but I don't want these programs to access my system information, run os commands, or perform any malicious activity. Is there a way to do this for each of the aforementioned languages?

Answer 1

Score: 1

Java theoretically has a solution for this: the 'SecurityManager'. You can set one up within your Java code (you can tell the system: here is some code; please load it as the manager).

A security manager gets called before certain things happen and can deny the operation. It covers mostly anything that is security-sensitive:

  • Quitting the VM
  • Opening any file
  • Opening any network connection
  • Setting the security manager
  • Accessing the clipboard
  • Printing things
  • Influencing certain aspects of thread loading

You tell Java to run some class file that you wrote; that class file sets up a security manager and then runs the application you want to restrict.

Note that you cannot really restrict how much memory and/or CPU the application uses with a SecurityManager, which can be quite an issue by itself.

The problem is that the primary use case for this mechanism is running applets, and applets are long dead. Thus it is a feature that few people in the Java ecosystem are currently using, and little-used blacklist-style mechanisms are usually riddled with holes.

I strongly suggest you set up a virtual machine for this purpose. Hypervisor-based restrictions have leaks too, but "host things in a VM and ensure it cannot do things to the underlying machine" is a lot more common.

Original (English):

Java theoretically has a solution for this: The 'SecurityManager'. You can set one up within your Java code (you can tell the system: Here is some code; load it as the manager please).

A SecurityManager gets called before certain things happen and can deny the operation. It's mostly anything that feels security sensitive:

  • Quitting the VM
  • Opening any file
  • Opening any network connection
  • Setting the security manager
  • accessing clipboards
  • Printing things
  • Can influence certain aspects of thread loading

You'd tell Java to run some class file that you wrote, that class file sets up a security manager, and will then run the application you want to restrict.

Note that you can't really restrict how much memory and/or CPU it uses with a SecurityManager, which can be quite an issue by itself.

The problem is, the primary use case for this mechanism is to run applets, and applets are long dead. Thus, it's a feature that few people in the Java ecosystem are currently using, and little-used blacklist-style mechanisms are usually riddled with holes.

I'd strongly suggest you set up a virtual machine for this purpose. There are leaks in hypervisor based restrictions too, but 'host things in a VM and ensure it can't do things to the underlying machine' is a lot more common.
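The launcher pattern the answer describes (a class of your own installs a SecurityManager and then runs the restricted application), as an added example that is not part of the original answer and not JDK sample code. The class name `Sandbox`, the command-line arguments and the choice of which operations to veto are assumptions. The untrusted class is loaded through its own `URLClassLoader` so the manager can distinguish "sandboxed code is on the call stack" from the JDK's own internal work, which is the approach applet sandboxes used:

```java
import java.io.File;
import java.io.FilePermission;
import java.lang.reflect.Method;
import java.net.SocketPermission;
import java.net.URL;
import java.net.URLClassLoader;
import java.security.Permission;
import java.util.PropertyPermission;

/*
 * Added example (assumed names; not from the answer or the JDK):
 *   java -Djava.security.manager=allow Sandbox <class-dir> <MainClass>
 * Loads <MainClass> from <class-dir> with a dedicated class loader, installs a
 * SecurityManager that vetoes file, network, exec, exit and system-property
 * access whenever sandboxed code is on the call stack, then calls main().
 */
public class Sandbox {

    static final class RestrictingManager extends SecurityManager {
        private final ClassLoader untrusted;
        private final String allowedReadPrefix; // sandbox dir stays readable so its classes can load

        RestrictingManager(ClassLoader untrusted, File sandboxDir) {
            this.untrusted = untrusted;
            this.allowedReadPrefix = sandboxDir.getAbsolutePath() + File.separator;
        }

        // Enforce only when a frame on the current stack belongs to the sandboxed loader;
        // JDK internals and the launcher itself are left alone.
        private boolean untrustedOnStack() {
            for (Class<?> c : getClassContext()) {
                if (c.getClassLoader() == untrusted) {
                    return true;
                }
            }
            return false;
        }

        @Override
        public void checkPermission(Permission perm) {
            if (!untrustedOnStack()) {
                return;
            }
            if (perm instanceof FilePermission) {
                // Read-only access inside the sandbox directory; everything else is refused
                // (Runtime.exec also lands here as a FilePermission with action "execute").
                boolean readInSandbox = "read".equals(perm.getActions())
                        && new File(perm.getName()).getAbsolutePath().startsWith(allowedReadPrefix);
                if (!readInSandbox) {
                    throw new SecurityException("file access denied: " + perm.getName()
                            + " (" + perm.getActions() + ")");
                }
            } else if (perm instanceof SocketPermission) {
                throw new SecurityException("network access denied: " + perm.getName());
            } else if (perm instanceof PropertyPermission) {
                // Blocks System.getProperty("user.name"), "os.name" and similar host details.
                String n = perm.getName();
                if (n.startsWith("user.") || n.startsWith("os.")) {
                    throw new SecurityException("system property denied: " + n);
                }
            } else if (perm instanceof RuntimePermission) {
                String n = perm.getName();
                if (n.startsWith("exitVM") || n.equals("setSecurityManager")
                        || n.equals("createClassLoader") || n.startsWith("loadLibrary.")) {
                    throw new SecurityException("runtime action denied: " + n);
                }
            }
        }

        @Override
        public void checkPermission(Permission perm, Object context) {
            checkPermission(perm); // same policy regardless of the supplied access-control context
        }

        @Override
        public void checkExec(String cmd) {
            if (untrustedOnStack()) {
                throw new SecurityException("OS command execution denied: " + cmd);
            }
        }
    }

    public static void main(String[] args) throws Exception {
        if (args.length != 2) {
            System.err.println("usage: Sandbox <class-dir> <main-class>");
            return;
        }
        File dir = new File(args[0]);
        URLClassLoader loader = new URLClassLoader(new URL[] { dir.toURI().toURL() },
                Sandbox.class.getClassLoader());

        // Install the manager before any sandboxed code is initialised or run.
        System.setSecurityManager(new RestrictingManager(loader, dir));

        Class<?> target = Class.forName(args[1], true, loader);
        Method entry = target.getMethod("main", String[].class);
        entry.invoke(null, (Object) new String[0]);
    }
}
```

Two caveats a practitioner should know before relying on this: SecurityManager has been deprecated for removal since Java 17 (JEP 411), and from Java 18 on `System.setSecurityManager` throws unless the JVM is started with `-Djava.security.manager=allow`. The stack-walk check is also exactly the kind of deny-list the answer warns about: it only blocks the categories listed above, it does nothing about CPU or memory consumption, and callbacks that run on JDK-owned threads (finalizers, for instance) have no sandboxed frame on the stack and so are not checked. It is a useful illustration of the mechanism, not a substitute for the VM the answer recommends.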

huangapple
  • Published on 2020-08-17 08:58:17
  • Please keep this link when reposting: https://go.coder-hub.com/63443329.html