Sandbox (computer security)

Sandbox

In computer security, a sandbox is a security mechanism for separating running programs. It is often used to execute untested code, oruntrusted programs from unverified third-parties, suppliers, untrusted users and untrusted websites.

The sandbox typically provides a tightly-controlled set of resources for guest programs to run in, such as scratch space on disk and memory. Network access, the ability to inspect the host system or read from input devices are usually disallowed or heavily restricted. In this sense, sandboxes are a specific example of virtualization.

Sandbox technology is something that is getting more and more publicity lately, but still many individuals and particularly your average home user don’t really know much about it.  Since the infocarnivore blog focuses on the simpler side of security with the aim of assisting individuals who aren’t computer security experts I thought I’d write a brief post outlining sandbox technology.

What is it?

Today’s Sandbox technology as it relates to computer security is simply put a method of separating running programs from each other.  It’s not to be confused with the Sandbox Effect related to search engines, orSandbox Technique used by software development companies.  A security sandbox is essentially a virtual environment where programs can run safely without having an effect on the overall system.  This is especially useful when browsing the web or testing an untrusted program from perhaps an unknown or untrusted source