Questions tagged [sandbox]

A sandbox is a security mechanism for containing and restricting untrusted programs. Such programs could contain malicious code, which would otherwise harm the user's system.

195 questions
8 votes, 4 answers

Same-origin policy for desktop application?

The same-origin policy is one of the most important security features in our browser. It basically provides sandboxing for our applications which is protecting our users. Desktop applications can read anything on your computer. If you install a…
Gudradain
8 votes, 3 answers

How to sandbox Iceweasel (Firefox) on Debian?

Are there any tools for sandboxing Iceweasel (Firefox) on Debian systems? I'm mostly interested in tools distributed by Debian. (An equally trustworthy source would be second best.) (I suppose that installing VirtualBox and running Iceweasel (or…
kjo
8 votes, 3 answers

Designing a Sandbox for Windows

I am thinking about the design for a sandbox, which is able to execute arbitrary unmodified, untrusted binaries. The goal is to implement an application Unlike something like e.g. Google Chrome's sandbox it has to provide additional isolation that…
Maarten
8 votes, 1 answer

Security risks of using ffmpeg as part of web service

I'm working on a web service that uses ffmpeg on the backend for processing user uploaded media files. I'm giving the users some options to customize how their videos are processed, which is essentially parameterizing the ffmpeg command. I'm planning…
leros
8 votes, 1 answer

Comparison between Firejail and Apparmor

I'd like to understand how Apparmor and Firejail compare to each other: advantages, pros and cons, purposes, similarities, etc. I might be asking to compare apples with oranges, however I've noticed several similarities. Firejail has "profiles", and…
reed
7 votes, 2 answers

What are ways I can analyze malware in an infected machine, not just clean it?

I often run into infected devices in my environment and would like to learn more about the specific infections that have gotten in. What are the best tools and techniques I could use to do this? I was thinking of taking an image of the device and…
7 votes, 2 answers

What does "sandboxing" mean for Chrome OS?

I read about Chrome OS in the security section, and I was wondering what the meaning of "sandboxing" that they keep mentioning is. Is this sandboxing like SELinux or AppArmor?
user53427
7 votes, 4 answers

How to make sandbox-only internet access?

How can I set up my Windows PC and/or network, so that none of the programs on my actual PC have internet access, but I have a sandbox/VM, with a browser, which has internet access, but has no access to the actual files. Essentially, I want to slice…
Jani Kovacs
7 votes, 4 answers

Provable security and sandboxes

Maybe this can be answered by an answer to a more general question, such as what programs can be proven secure. Can it be (or has it been) formally proven that a sandbox is secure?
T. Webster
7 votes, 2 answers

Opt-in a security profile at runtime, without tedious setup

I like lowering my access privilege mid-program (e.g. restrict my program to the current directory and files, disable networking). I imagine this is a pretty common wish. I would like to be able to do this as a normal user, without the involvement…
fluxrider
7 votes, 2 answers

What's safest way to run WhatsApp?

For work I have to use WhatsApp. I agree with EFF's concerns about WhatsApp and personal data (harvesting it and shoveling it into Facebook), and perhaps even its security. I thought it would be possible to run WhatsApp on my PC in a sandboxed…
Absurdistan
7 votes, 2 answers

What is the easiest way to sandbox an application in a *NIX environment?

I have a significant number of untrusted binary applications that need to be executed on a *nix box. I'm hoping that there might be some simple command/script (e.g. sandbox ./app1953) that could easily be used to isolate a single application from…
Stack Tracer
7 votes, 1 answer

How do I sandbox user JS without using a VM, transpiler, or whitelist-based API?

I've done my research and there are a few robust ways to sandbox user JS, namely: Use a JS VM that runs the JS using a sandboxed form of js, like VM.js Use a transpiler like Google Caja, which adds additional checks to preserve certain invariants…
0x24a537r9
7 votes, 1 answer

The difference between jailing, sandboxing and interpretation

In my IT security classes I frequently ran over these terms and had a hard time distinguishing between them, so I tried to figure their differences: Sandboxing: Defense mechanism against mobile code, which runs in a separate runtime environment.…
AdHominem
7 votes, 1 answer

iOS: Sandbox on jailbroken device

From my point of view and with my rather poor knowledge of iOS, the principle of a sandbox in iOS is the following: each app and its data is installed in a private area within the partition, but each app runs under the same user 'mobile' the…
pfust75