Sandbox and its comparison with Virtual Machine

What is a sandbox?

It is a testing server used to create a testing environment.

What is a testing environment?

A testing environment is a setup of software and hardware on which the testing team performs the testing of the newly built software product to check for flaws or errors.

Why do we need to create a testing environment or sandbox?

We create a testing environment or sandbox to run “untrusted” code. Because we do not want our critical system to be exposed to potentially flawed code.

It helps in reducing the risk of technical errors which may damage important data or users.

It protects host device from unverified programs which may contain virus or malicious/ malfunctioning code.

It prevents applications from being able to modify your files or interact with other applications.

It is a very important SECURITY mechanism.

What does a sandbox do?

It creates a technical environment with well-defined and RESTRICTED scope.

Sandboxes restrict what a piece of code can do, giving it just as many permissions as it needs without adding additional permissions that could be abused.

Tasks of sandbox:

1. To protect from disclosing certain information.

2. To stop applications/programs from exhausting resources.

3. To stop or kill unexpected services from running.

4. MOST IMPORTANTLY, to stop the program or application from quitting, disabling or erroring the sandbox itself.

What are the similarities and differences between a sandbox and a virtual machine?

Similarities:

1. Both Virtual Environment and Sandbox are methods of providing isolation.

2. Both Virtual Environment and Sandbox cannot prevent malicious activity happening WITHIN an application.

Differences:

Vitual Environment and Sandbox are implemented in different ways and provide different flavour of protection.

Virtual Machine

Sandbox

1. It provides a way of running a whole seperate virtual computer in your computer.It literally is a completely different computer.

It can have different:

  • files
  • softwares
  • OS
1. Sandbox is a friendly method using which you can run applications on your existing computer BUT you can SELECTIVELY restrict your application what it can do and what it cannot do.
2. Virtual machines are heavy weight. 2. Sandboxes are light-weight.
3. Virtual machines provide complete isolation. 3. Sandboxes provide flexible isolation.
4. Usage Example:You could run a Linux Virtual Machine on a Windows computer or vice-a-versa. 4. Usage Example:An email client can be sandboxed so that it can’t write files to your disk, but it can open URLs in your web browser.
Sandbox and its comparison with Virtual Machine