Sandboxing

What is sandboxing?
Sandboxing is a computer security term that refers to the separation of a program from other programs in a separate environment so that these problems do not spread to other areas of the computer if errors or security problems arise. Programs are activated in their own locked area, where they can be edited without endangering other programs.

Sandboxes can look like a normal operating environment, or they can be much more bare. Virtual machines are often used for so-called runtime sandboxes.

There are also ways to use sandboxing in applications. For example, questionable code can be used securely with evidential code. "Evidence" must remain in place to ensure that the code is relatively safe to execute. This is very similar to the encryption keys used to ensure that a trustworthy exchange channel is achieved.

There are several other areas that a sandboxing layer can be set up in, such as: B. a library that enables sandboxing by intercepting calls. The library can also set up a sandboxing layer in the operating system kernel.

If you use software that may not be trusted, you need to use it in a sandbox area so that other software, files, and applications are not compromised.