Sandboxing user code with Erlang

As far as I know Erlang provides advanced features for error handling and isolation of processes.

I'm building a system that allow user to submit their code to be executed on the shared server environment and need to make it safe.

Requirements are:

limit CPU and Memory usage individually for each user-process.
forbid user-process to communicate with other processes (except some processes specially designed for such purpose).
forbid access to all sytem resources (shell, file system, ...).
terminate user-process in case of errors or high resource consumption.

Is it possible to to all this with Erlang and keep it performance efficient?

Solution

There has been work done on Safe Erlang in the past and you can find several papers about it. The ErlHive project addresses the problem in an interesting way.

Erlang erlIDE: what are the -compile options supported?
What are common causes for getting {error, enoent} for file:get_cwd()?
Elixir - Erlang: is there a "reasonable" limit of children handled by a supervisor?
What is Erlang written in?
Are there things Elixir can do that Erlang cannot, or vice versa?
case of not returning exact list. erlang
Is there any material or documentation about the rabbitmq_prelaunch in rabbitmq-server?
Are aliased functions optimized in Erlang
RabbitMQ fails on Error: unable to connect to node rabbit@TPAJ05421843: nodedown
Opening a device file using erlang
Convert timestamp to datetime in erlang
Extract all values from Erlang orddic
When to prefer `and` over `andalso` in guard tests
Erlang: doing a good job
Build rabbitmq-server and erlang with FIPS enabled from source
In Elixir, why is "alias" preferred over "import" for importing the modules?
How to compare two structures via pointer equality in Elixir / Erlang
Broadcast message to all joined clients when a new client joins the same room in Erlang
Printing all ets table values
Explanation of lists:fold function
Riak leaving node indefinitely waiting to handoff the partion to crash node
What's the status of current Functional Reactive Programming implementations?
rebar3 install plugins failed
.NET language for Concurrent programming
Erlang OTP supervisor: start_child does not work when another child is executing
Is there an equivalent to __MODULE__ for named functions in Elixir/ Erlang?
Zig Concurrency Vs Erlang Concurrency, is Zig less efficient than Erlang?
'rebar generate' doesn't include some dependencies in generated release
Error: invalid child spec in supervisor start_child function
elixir/erlang stacktrace. Correct function call interpretation