Talk:Sandbox (computer security)
|This is the talk page for discussing improvements to the Sandbox (computer security) article.
This is not a forum for general discussion of the article's subject.
|WikiProject Computing / Software / Security||(Rated Start-class, Mid-importance)|
Sandbox é uma caixa ou uma área da memória do computador que alguns dispositivos de segurança , como antivirus por exemplo usam para executar com a autorização do administrador , aqueles programas desconhecidos ou que acabaram de ser baixados da internet evitando assim que ocorram corrupção ou instalação de programas maliciosos. — Preceding unsigned comment added by 18.104.22.168 (talk) 07:16, 11 September 2011 (UTC)
- Do you mean the Wiki sandbox? It's here: Wikipedia:Sandbox—Preceding unsigned comment added by 22.214.171.124 (talk • contribs) 22:15, 1 November 2005 (UTC)
- I found a nice simple one here http://www.sandboxie.com/—Preceding unsigned comment added by 126.96.36.199 (talk • contribs) 08:32, 2 September 2006 (UTC)
- If you are looking for a good, objective review of various products, I would suggest that you consult:
- You may also wish to add in an interesting Info World article that discusses and summarizes Roger Grimes' documented problems with the sandbox theory - http://www.infoworld.com/article/08/06/09/24TC-sandbox-security-fs_1.html Driver Eight77 (talk) 16:12, 2 April 2009 (UTC)
Paragraph about exceptions
Rule-based Execution gives users full control over what processes are started, spawned (by other applications), or allowed to inject code into other apps and have access to the net. It also can control file/registry security (What programs can read and write to the file system/registry) As such, viruses and trojans will have a less likely chance of infecting your PC. The SELinux and Apparmor security frameworks are two such implementations for Linux.
This paragraph is rather hard to understand for people who are not skilled in IT. It is also not obvious why this should be an example for a sandbox. Can somebody clarify that please?
||This article may be too technical for most readers to understand. (September 2011) (Learn how and when to remove this template message)|
If this article is limited to information that can be understood by IT newbies it would be of little use. The topic is inherently complicated. — Preceding unsigned comment added by 188.8.131.52 (talk) 21:39, 9 December 2011 (UTC)
- There are some very informative articles on Wikipedia about other highly technical subjects. If you already know the subject, then you don't need to be reading Wikipedia about it. Wikipedia is specifically FOR newbies to topics which people are unfamiliar with. If it wasn't then there wouldn't be any reason to have Wikipedia in the first place. QuintBy (talk) 02:14, 4 August 2013 (UTC)
Difference between a "sandbox" and a "container"
- Well, they're similar yet different... "Sandbox" comes from the "old shool" days and it's pretty much associated with chrooting a process, for example. On the other hand, "container" is a newer term, usually associated with operating system–level virtualization. Setups created as sandboxes usually aren't meant to be moved between different hosts, while containers are pretty much made to be easily moved around.
- Also, I wouldn't say that sandbox is for one application while a container is for multiple applications. You usually want one application per sandbox or container, as isolating one application is the key; however, nothing puts such restrictions. Though, it also depends what's taken as a single application; for example, a LAMP stack can be treated as one or as many applications. — Dsimic (talk | contribs) 07:53, 2 July 2014 (UTC)
http://www.chromium.org/developers/design-documents/sandbox and its subpages, especially the FAQ. --Jerome Potts (talk) 20:33, 29 January 2015 (UTC)
Other technologies to mention
There are a couple of technologies similar to seccomp. An example is capsicum on FreeBSD and pledge on OpenBSD. CloudABI appears to be a similar system. Maybe someone with more insight can add them to the article?--Athaba (talk) 14:09, 10 January 2016 (UTC)