Sandbox
From Computing and Software Wiki
(→Mechanism) |
|||
Line 4: | Line 4: | ||
== Mechanism == | == Mechanism == | ||
- | Typically when a program is run the hard disk is read to load program parameters and then data is written back when the program exits. The following figure demonstrates this scenario. | + | Typically when a program is run the hard disk is read to load program parameters and then data is written back when the program exits. The following figure demonstrates this scenario.[[Image:Without_Sandbox.png]] |
Revision as of 04:48, 6 April 2008
A sandbox (in computer security) is a security mechanism used on servers and personal computers to execute third-party programs that are unverified or have a non-trusted source. A sandbox allows a guest program to run under tightly-controlled conditions, which typically prevent the guest program to write to the host computer’s permanent disk storage and provide a highly restricted network access. Some sandboxes also disallow the guest program to read from the host’s input devices as a means to prevent malicious programs from reading sensitive data like passwords, network keys and credit card information.
Mechanism
Typically when a program is run the hard disk is read to load program parameters and then data is written back when the program exits. The following figure demonstrates this scenario.File:Without Sandbox.png