Sandbox
From Computing and Software Wiki
Line 1: | Line 1: | ||
- | A '''sandbox''' (in | + | A '''sandbox''' (in computer security) is a security mechanism used on servers and personal computers to execute third-party programs that are unverified or have a non-trusted source. A sandbox allows a guest program to run under tightly-controlled conditions, which typically prevent the guest program to write to the host computer’s permanent disk storage and provide a highly restricted network access. Some sandboxes also disallow the guest program to read from the host’s input devices as a means to prevent malicious programs from reading sensitive data like passwords, network keys and credit card information. |
+ | |||
+ | |||
+ | == Mechanism == | ||
+ | |||
+ | Typically when a program is run the hard disk is read to load program parameters and then data is written back when the program exits. The following figure demonstrates this scenario. |
Revision as of 04:41, 6 April 2008
A sandbox (in computer security) is a security mechanism used on servers and personal computers to execute third-party programs that are unverified or have a non-trusted source. A sandbox allows a guest program to run under tightly-controlled conditions, which typically prevent the guest program to write to the host computer’s permanent disk storage and provide a highly restricted network access. Some sandboxes also disallow the guest program to read from the host’s input devices as a means to prevent malicious programs from reading sensitive data like passwords, network keys and credit card information.
Mechanism
Typically when a program is run the hard disk is read to load program parameters and then data is written back when the program exits. The following figure demonstrates this scenario.