Another of my grad students, Rory Tulk, is converging on a thesis topic: making server-side build and test safe to do when you don't trust people's code. We need to figure this out because we'd like to use continuous integration in undergrad classes, but student code is frequently malicious (usually by accident, but occasionally on purpose). If you have thoughts, he'd like to hear from you.