Sandboxing may refer to:
disambiguation page lists articles associated with the title Sandboxing. If an internal link led you here, you may wish to change the link to point directly to the intended article. | This
A chroot on Unix operating systems is an operation that changes the apparent root directory for the current running process and its children. A program that is run in such a modified environment cannot name files outside the designated directory tree. The term "chroot" may refer to the chroot(2) system call or the chroot(8) wrapper program. The modified environment is called a chroot jail.
Virtual server may refer to:
CryEngine is a game engine designed by the German game developer Crytek. It has been used in all of their titles with the initial version being used in Far Cry, and continues to be updated to support new consoles and hardware for their games. It has also been used for many third-party games under Crytek's licensing scheme, including Sniper: Ghost Warrior 2 and SNOW. Warhorse Studios uses a modified version of the engine for their medieval RPG Kingdom Come: Deliverance. Ubisoft maintains an in-house, heavily modified version of CryEngine from the original Far Cry called the Dunia Engine, which is used in their later iterations of the Far Cry series.
In computer security, a sandbox is a security mechanism for separating running programs, usually in an effort to mitigate system failures and/or software vulnerabilities from spreading. It is often used to execute untested or untrusted programs or code, possibly from unverified or untrusted third parties, suppliers, users or websites, without risking harm to the host machine or operating system. A sandbox typically provides a tightly controlled set of resources for guest programs to run in, such as storage and memory scratch space. Network access, the ability to inspect the host system or read from input devices are usually disallowed or heavily restricted.
A sandbox is a sandpit, a wide, shallow playground construction to hold sand, often made of wood or plastic.
In computer security, seccomp is a facility in the Linux kernel. seccomp allows a process to make a one-way transition into a "secure" state where it cannot make any system calls except exit
, sigreturn
, and read
and write
to already-open file descriptors. Should it attempt any other system calls, the kernel will terminate the process with SIGKILL or SIGSYS. In this sense, it does not virtualize the system's resources but isolates the process from them entirely.
A sandbox is a testing environment that isolates untested code changes and outright experimentation from the production environment or repository, in the context of software development including Web development and revision control.
Mandatory Integrity Control (MIC) is a core security feature of Windows Vista and later that adds mandatory access control running processes based on their Integrity Level (IL). The IL represents the level of trustworthiness of an object. This mechanism's goal is to restrict the access permissions for potentially less trustworthy contexts, compared with other contexts running under the same user account that are more trusted.
A sandbox game is a video game with a gameplay element that gives the player a great degree of creativity to complete tasks towards a goal within the game, if such a goal exists. Some games exist as pure sandbox games with no objectives. These are also known as non-games or software toys. More commonly, sandbox games results from these creative elements being incorporated into other genres and allowing for emergent gameplay. Sandbox games are often associated with open world concepts which gives the player freedom of movement and progression in the game's world. The "sandbox" term derives from the nature of a sandbox that lets children create nearly anything they want within it.
Turbo is a set of software products and services developed by the Code Systems Corporation for application virtualization, portable application creation, and digital distribution. Code Systems Corporation is an American corporation headquartered in Seattle, Washington, and is best known for its Turbo products that include Browser Sandbox, Turbo Studio, TurboServer, and Turbo.
XAML Browser Applications are Windows Presentation Foundation (.xbap) applications that are hosted and run inside a web browser such as Firefox or Internet Explorer. Hosted applications run in a partial trust sandbox environment and are not given full access to the computer's resources like opening a new network connection or saving a file to the computer disk and not all WPF functionality is available. The hosted environment is intended to protect the computer from malicious applications; however it can also run in full trust mode by the client changing the permission. Starting an XBAP from an HTML page is seamless. Although one perceives the application running in the browser, it actually runs in an out-of-process executable (PresentationHost.exe) managed by a virtual machine. In the initial release of .NET Framework 3.0, XBAPs only ran in Internet Explorer. With the release of .NET Framework 3.5 SP1, which includes an XBAP extension, they also run in Mozilla Firefox.
In video games, an open world is a game mechanic of using a virtual world that the player can explore and approach objectives freely, as opposed to a world with more linear and structured gameplay. While games have used open-world designs since the 1980s, the implementation in Grand Theft Auto III (2001) set a standard that has been used since.
Malware analysis is the study or process of determining the functionality, origin and potential impact of a given malware sample such as a virus, worm, trojan horse, rootkit, or backdoor. Malware or malicious software is any computer software intended to harm the host operating system or to steal sensitive data from users, organizations or companies. Malware may include software that gathers user information without permission.
ZeroVM is an open source light-weight virtualization and sandboxing technology. It virtualizes a single process using the Google Native Client platform. Since only a single process is virtualized, the startup overhead is in the order of 5 ms.
In software deployment an environment or tier is a computer system in which a computer program or software component is deployed and executed. In simple cases, such as developing and immediately executing a program on the same machine, there may be a single environment, but in industrial use the development environment and production environment are separated; often with several stages in between. This structured release management process allows phased deployment (rollout), testing, and rollback in case of problems.
Shade sandbox is a sandbox-based isolation program developed by Eugene Balabanov. Shade is distributed to consumers as a shareware solution. It creates an isolated virtual environment within your computer: rather than running software and browsing the Internet directly, you can instead perform these actions through a fenced-off safe area. This mechanism creates a highly controlled environment for running untested or untrustworthy apps without threatening host operating system.
Junk Jack is an action-adventure sandbox video game by Italian developer Pixbits, originally released on iOS in 2011. A sequel entitled Junk Jack X was released on August 29, 2013. Junk Jack X has recently been renamed to Junk Jack, and the original game has been renamed to Junk Jack Retro.
Flatpak is a utility for software deployment and package management for Linux. It is advertised as offering a sandbox environment in which users can run application software in isolation from the rest of the system.
Ylands is a 2019 sandbox game developed by Bohemia Interactive.
gVisor is a container sandbox developed by Google that focuses on security, efficiency and ease of use released on May 2018. gVisor implements around 200 of the Linux system calls in userspace, for additional security compared to Docker containers that run directly on top of the Linux kernel and are isolated with namespaces. Contrary to the Linux kernel the project is written in the memory-safe programming language Go to prevent common pitfalls which frequently occur with software written in C.