Posts

Sandbox

What a sandbox is and how to use one — updated from the 2009 guide with Windows Sandbox, browser isolation, and the maintained Sandboxie fork.
Table of Contents

In computer security, a sandbox is a security mechanism for separating running programs. It is often used to execute untested code, or untrusted programs from unverified third-parties, suppliers and untrusted users.

I recommend Sandboxie for daily use on Windows — the open-source fork maintained by the Sandboxie-Plus community after the original project was discontinued.

The sandbox typically provides a tightly-controlled set of resources for guest programs to run in, such as scratch space on disk and memory. Network access, the ability to inspect the host system or read from input devices are usually disallowed or heavily restricted. In this sense, sandboxes are a specific example of virtualization.

Examples of sandboxes

  • Windows Sandbox — a lightweight, disposable desktop built into Windows 10 Pro/Enterprise and Windows 11 Pro/Enterprise. Spin up a clean Windows instance, test something suspicious, and close it — everything is discarded.
  • Browser site isolation — modern browsers (Chrome, Edge, Firefox) run each tab or site in a separate process, so a compromised page cannot easily read data from another tab. This is the successor to the old browser-applet model.
  • Containers — Docker, Podman, and similar tools isolate applications with their own filesystem and network namespace. Common on Linux and macOS for development and testing.
  • Jails — resource limits imposed by the operating system kernel (I/O caps, disk quotas, network restrictions, restricted filesystem namespace). SELinux and AppArmor on Linux are modern examples.
  • Virtual machines — emulate a complete host computer; the guest OS is sandboxed in the sense that it does not run natively on the host and can only access host resources through the emulator.
  • Malware analysis sandboxes — security researchers create environments that mimic targeted desktops to evaluate how malware infects and compromises a target host.
  • Capability systems — fine-grained sandboxing where programs are given opaque tokens when spawned. Site isolation in Google Chrome is an example of capability-based user-level sandboxing.
  • Online judge systems — test programs in programming contests.
  • Code-execution pastebins — allow users to execute pasted code snippets in a controlled environment.

Retired examples

The original 2009 version listed Adobe Flash, Java applets, and Silverlight as sandbox examples. All three are retired — Flash reached end of life in 2020, Silverlight was discontinued in 2021, and Java applets were removed from browsers years ago.