0

If you need to install software from a third party and frequently run it on your PC, but you do not trust the software, although antivirus doesn't rise any flags:

  • Is it possible to install software on Windows 10 Pro in an 'isolated' environment, so it's somewhat separated (or jailed) from the rest of the machine.

  • Can you restrict access for the software, so it only has access to its own installation folder and specific processes?

  • Can you take any measures to prevent privilege escalation and also firewall it, so there is no network traffic possible?

I know of sandboxing tools like 'sandboxie'. But I was wondering if you could do it (better) with native Windows 10 Pro settings, group policy ...?

schroeder
  • 123,438
  • 55
  • 284
  • 319
user3200534
  • 851
  • 8
  • 19

1 Answers1

1

Wrapping the application as a UWP provides some measure of sandboxing but it isn't designed for security so I don't recommend it here.

Personally, I would run such code either in a full VM (e.g. Hyper-V) or using Docker for Windows which would allow some measure of isolation.

Julian Knight
  • 7,092
  • 17
  • 23