Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Is there a lightweight, programmable Sandbox API for the Windows platform? [closed]

To run untrusted code at home I use a VMWare virtual machine. I want to find an alternate lightweight sandbox API for running untrusted applications, without the overhead of installing VMWare, or any other kind of end-user virtualization tool like that. (Edit: I don't want it to host an OS - I want it to run untrusted apps).

Ideally the sandbox would be (or could be made) transparent so the app running in the sandbox doesn't display any extra chrome or features. (Don't they do this in Parallels on the Mac)

The Windows .NET developer side of me wishes for an API so instead of booting up a special GUI, I can script scenarios for it.

It would be like how the Google Chrome web browser contains its own technology to sandbox scripts running from the Internet to protect the system. Google doesn't need to distribute VMWare with their browser and yet they achieve sandbox security for apps.

Edit:

Looking for something lightweight like Google Chrome contains with features like greatly restricted file/network/UI access, low privileges, etc. Not looking for running/hosting its own OS.

like image 759
John K Avatar asked Jan 06 '10 22:01

John K


People also ask

What happens when you close Windows sandbox?

A sandbox is temporary. When it's closed, all the software and files and the state are deleted. You get a brand-new instance of the sandbox every time you open the application.

Is there a sandbox in Windows 10?

The Windows Sandbox is a temporary virtual machine built into Windows 10 and Windows 11 that allows you to run software without it affecting the rest of your system.

Is there sandbox in Windows 11?

Note: If you are running Windows 11 Pro Edition, you can directly skip to this step and enable the required features to start using the Windows Sandbox virtual environment on your PC. 9. Finally, open the Start menu and search for “windows sandbox“. It will appear on top, and you can click to open Windows Sandbox.

Is there a sandbox on Windows Home?

Windows 10 Home is missing a couple of essential features, including Group Policy Editor and Windows Sandbox, which allows you to run programs isolated safely. In this guide, we have a workaround that will enable you to run Windows Sandbox in Windows 10 Home Editon.


1 Answers

Google's Chrome is using 4 windows mechanisms to achieve this:

A restricted token
The Windows job object
The Windows desktop object
Windows Vista only: The integrity levels

Have a look at: https://sites.google.com/a/chromium.org/dev/developers/design-documents/sandbox

They have a detailed description of what they're doing.

like image 57
Otto Avatar answered Oct 10 '22 03:10

Otto