Is there exists a way to run an untrusted code (C or C++) under a sandbox in Windows. Something that would prevent the program from opening files, or network connections, or forking, exec, etc?
It would be a small program, that gets uploaded to a server where it'll be compiled and executed, the program would be short lived.
When this question was asked, Windows did not have as many isolation options available to it. However there is been some improvement.
The now goto answer for this is to either use use Docker or Hyper V containers/VM.
But in the pre-Windows 10 era, answer was to manipulate the process isolation that came around windows vista/7 and use a separate user/application account.
Process Abilities:
You could manipulate the programs Integrate level and run with a restricted/unique user so reach is limited (group policy can further limit user).
Network access:
File access:
The NTFS file system has one of the most configurable file systems around,if you are running the process as a distinct user, you can craft an ACL policy to significantly limits the process's file access.
Source:
Finally if you have access to the source-code, you can likely remove or modify problem parts.