Saint Andrew’s Hacking Paradise

What’s a Sandbox and Should You be Playing in One?

When children play in a sandbox, they’re confined to a controlled environment and isolated from the kids outside the sandbox. You’ve probably come across the word “sandbox” in a different context – to describe a particular kind of computer software security mechanism. But what exactly does it mean?

A sandbox is a software construct that makes it possible for you to isolate programs that are running on the same operating system from one another, so that what happens to one program doesn’t affect the others. Each program runs in its own highly controlled environment, with strictly limited access to the computer’s resources.

Software developers use the sandbox environment to test their newly written programs while protecting the production machines on the network from the unproven code. Security sandboxes are built into applications such as web browsers to limit what the application’s processes can do.

For example, the sandbox may prevent the application from writing data to the hard disk, allowing it to only use the computer’s processor and memory. Or the application may be restricted to writing only to a specific location (folder) on the hard disk. That means malware that attacks the application won’t be able to read or copy files from other locations on the computer, including the user’s data directories/folders. It won’t be able to crash the system by deleting files in the Windows directory because it’s not allowed access to that location.

To sandbox code, developers need to make sure that it doesn’t have to write temporary files to locations outside the sandbox or otherwise access outside locations for the application to run and do its job. Sandboxing is a balancing act, because the developer wants to make it as restrictive as possible to ensure the best security, but at the same time not impede the application from doing what the user wants it to do.

In addition to the web browsers themselves, browser plug-ins can come with their own sandboxes, like the sandboxed Flash Player for Mozilla Firefox that was introduced in February. Adobe Reader also uses a sandbox.

While Google has widely publicized its sandbox technology for Chrome, Microsoft calls Internet Explorer’s sandboxing feature “Protected Mode.” This feature was introduced in IE7 on Vista and it runs the browser with lower rights than a limited-user account, restricting its ability to change any operating system configuration settings and allowing it to write to only one folder (Temporary Internet Files). There is no write access allowed to any other part of the file system.

Sandboxes help protect systems from exploits; they aren’t invulnerable, though. Chrome’s sandbox was defeated a few months ago by a Russian student in this year’s Pwnium hacking contest. Google quickly issued an update to patch the vulnerability but it wasn’t the only one revealed during the same time frame.

For applications that don’t come with their own sandboxes, you can use software such as Sandboxie to isolate programs from one another. Another way to isolate applications so they won’t affect your main operating system is to run them on a virtual instance of the operating system in a virtualization program such as Microsoft’s Windows Virtual PC, VMware Workstation, VirtualBox, Parallels, etc.

Finally, you also can access GFI Software’s public sandbox to submit suspected files and URLs for free analysis at www.threattrack.com.