IT Security Stack Exchange
IT Security Stack Exchange

Questions tagged [sandbox]

A sandbox is a security mechanism for containing and restricting untrusted programs. Such programs could contain malicious code, which would otherwise harm the user's system.

212 questions
28
votes
3 answers

How is Sandboxing implemented?

What is sandboxing? Is it the trapping of OS system calls and then deciding whether to allow it to pass through or not? How is it implemented to begin with? Would it be by way of hooks in the SSDT (kernel level)?
David J
  • 291
  • 1
  • 4
  • 5
13
votes
1 answer

How is a public scriptable site like codepad or ideone manages it's sandboxing?

I've researched this stuff a lot in the recent months but I can't grasp any solid basis on how they achieve running unsafe scripts in so many languages without a problem! I'm sure they are running virtual machines since language specific sandboxes…
alfa64
  • 231
  • 1
  • 4
7
votes
1 answer

The difference between jailing, sandboxing and interpretation

In my IT security classes I frequently ran over these terms and had a hard time distinguishing between them, so I tried to figure their differences: Sandboxing: Defense mechanism against mobile code, which runs in a separate runtime environment.…
AdHominem
  • 3,036
  • 1
  • 18
  • 28
2
votes
1 answer

Pokki Sandbox architecture. Is it secure?

Today I have looked at the desktop application framework - Pokki. The first questions were: how it works and is it secured. What I have found about security architecture: Pokki Security Overview. So my questions are: 1) Is the sandbox architecture…
garik
  • 1,292
  • 15
  • 24
1
vote
1 answer

subuser, benefit or liability?

I'm trying various sandboxing solutions on linux. I'm used to running untrusted programs (for example, a web browser, a pdf document reader, etc) inside a selinux sandbox, which I'm quite satisfied with, but there is a problem: it's only supported…
boh15
  • 11
  • 2
1
vote
1 answer

Why does sandboxie require admin privileges when it runs a software installer that requires it?

Shouldn't it just "emulate" the admin privileges like everything else? Why dose it actually require it? And is there any security problems with that?
Hormoz
  • 171
  • 4
1
vote
2 answers

How does a sandbox module know the difference between trusted and untrusted code

What criteria does a sandbox use to determine whether executing code (registry read/write) can be trusted or not ?
Joe T
  • 11
  • 2
0
votes
1 answer

Is Sandboxieplus safe against credential grabber?

On the default settings, does https://sandboxie-plus.com/ protect against credential grabbers?
Rooki
  • 3
  • 1
0
votes
1 answer

use namespace and cgroups or seccomp to implement online judge?

I'm writting a online judge(support C/C++、GoLang). I want to implement a sandbox by myself. my idea: namespace and cgroups compile user's source code statically run executable file in a complete new namespace…
si9ma
  • 1
  • 1