Tech moves fast! Stay ahead of the curve with Techopedia!
Join nearly 200,000 subscribers who receive actionable tech insights from Techopedia.
Sandboxing is a computer security term referring to when a program is set aside from other programs in a separate environment so that if errors or security issues occur, those issues will not spread to other areas on the computer. Programs are enabled in their own sequestered area, where they can be worked on without posing any threat to other programs.
Sandboxes can look like a regular operating environment, or they can be much more bare bones. Virtual machines are often used for what are referred to as runtime sandboxes.
There are also ways to use sandboxing in applications. For example, questionable code can be used in a safe manner with proof-carrying code. A “proof” must remain in effect to ensure that the code is relatively safe to execute. This bears a very crude likeness to the keys involved in encryption to ensure that a trusted exchange channel is being met.
There are various other areas where a sandboxing layer can be established, such as a library set to enable sandboxing by intercepting calls. The library might also establish a sandboxing layer in the operating system kernel.
When using software that may not be trustworthy, it is essential to use it in a sandboxed area so that other software, files and applications are not compromised.