Be very, very, careful. You don't want someone submitting a rootkit as a sample solution! Were I you I would do some very serious studying of ways of executing untrusted code. Note that there are well-known ways of breaking chroot jails, that is not enough. On many *nix systems you have something called POSIX capabilities (a marketing misnaming since they have essentially nothing to do with real capabilities) that might be able to give you enough protection to sleep at night.

Other ideas are to use OpenBSD for the test, run the code inside of VMWare (from a stock image that you throw away afterwards) or examine user-mode Linux.

Personally I like the VMWare and user-mode Linux ideas the best, but YMMV. It is your system after all...