Sandbox
From Computing and Software Wiki
(→Mechanism) |
(→Mechanism) |
||
Line 4: | Line 4: | ||
== Mechanism == | == Mechanism == | ||
- | Typically when a program is run the hard disk is read to load program parameters and then data is written back | + | Typically when a program is run the hard disk is read to load program parameters and then data is written back to the hard disk from time to time during program execution and termination. The following figure demonstrates this scenario. |
Revision as of 04:53, 6 April 2008
A sandbox (in computer security) is a security mechanism used on servers and personal computers to execute third-party programs that are unverified or have a non-trusted source. A sandbox allows a guest program to run under tightly-controlled conditions, which typically prevent the guest program to write to the host computer’s permanent disk storage and provide a highly restricted network access. Some sandboxes also disallow the guest program to read from the host’s input devices as a means to prevent malicious programs from reading sensitive data like passwords, network keys and credit card information.
Mechanism
Typically when a program is run the hard disk is read to load program parameters and then data is written back to the hard disk from time to time during program execution and termination. The following figure demonstrates this scenario.