Sandbox

From Computing and Software Wiki

(Difference between revisions)
(Mechanism)
(Mechanism)
Line 4: Line 4:
== Mechanism ==
== Mechanism ==
-
Typically when a program is run the hard disk is read to load program parameters and then data is written back when the program exits. The following figure demonstrates this scenario.[[Image:Without_Sandbox.png]]
+
Typically when a program is run the hard disk is read to load program parameters and then data is written back when the program exits. The following figure demonstrates this scenario.[[Image:Without_Sandbox.png|alt text]]
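
Review bot: the parameter added to the image link on the + line, "|alt text", reads as a literal placeholder rather than a description of the figure. Replace it with wording that says what Without_Sandbox.png depicts, which according to the sentence before it is a program reading its parameters from the hard disk at start and writing data back at exit, so the paragraph still makes sense where the image is not displayed.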

Revision as of 04:49, 6 April 2008

A sandbox (in computer security) is a security mechanism used on servers and personal computers to execute third-party programs that are unverified or come from an untrusted source. A sandbox allows a guest program to run under tightly controlled conditions, which typically prevent the guest program from writing to the host computer’s permanent disk storage and provide only highly restricted network access. Some sandboxes also prevent the guest program from reading from the host’s input devices, so that malicious programs cannot read sensitive data such as passwords, network keys and credit card information.


Mechanism

Typically when a program is run the hard disk is read to load program parameters and then data is written back when the program exits. The following figure demonstrates this scenario.

[Figure: Without Sandbox.png]
