Is Sandboxing the End-All Solution?

Saturday, January 01, 2011

Dan Dieterle


When you have millions of lines of code, like you have in an Operating System, you will have bugs. Hackers can use these coding bugs to create exploits.

Microsoft and Adobe products have been a favorite target for hackers. But how do you protect software from hackers when there are unknown bugs?

The answer just might be sandboxing. But what is sandboxing? According to Wikipedia:

A sandbox is a security mechanism for separating running programs. It is often used to execute untested code, or untrusted programs from unverified third-parties, suppliers and untrusted users. The sandbox typically provides a tightly-controlled set of resources for guest programs to run in, such as scratch space on disk and memory. Network access, the ability to inspect the host system or read from input devices are usually disallowed or heavily restricted. In this sense, sandboxes are a specific example of virtualization.

We see this technology used in Virtual Machines. Several guest operating systems can run on a host system, and each has its own memory space, hard drive storage, etc.  They are on a single machine but are not allowed to communicate with each other.

These types of features are being used in the development of secure Operating Systems. The client user space will not be allowed to communicate with (or theoretically infect) the core functions of the system.

Programs can be sandboxed too. Google and Adobe have added sandboxing features to their Chrome and PDF Reader products. If the products are compromised, this should limit the ability of the hacker to access the rest of the system.

But how well will this work? Sandboxing is a great idea and will help a lot in dealing with buggy code. In reality, though, it is just another level of defense. Granted, it adds to the difficulty of penetration, but it will be compromised over time, just like everything else.

Unfortunately security, like Anti-Virus, is a constantly evolving process. As soon as a new anti-virus definition comes out for the latest virus, three more new viruses are detected.

The same is true in the security field. When a new security product comes out to address an issue, exploits and ways to bypass it follow along shortly.

At this point in the game, your hope is that you have added enough protection to your systems that the attacker gives up and moves on to easier prey. Keep logs and monitor your systems in case they don’t.

Cross-posted from Cyber Arms

Robert Gezelter: A nicely written piece. I agree with the premise that it is sometimes, if not frequently, necessary to isolate applications in separate environments.

One of the problems is often applications that presume full access to the system configuration, or applications (e.g., VPNs) that require Administrator level access to function (such applications are also frequently notorious for playing poorly with similar applications).

One solution to this problem is the concept of "disposable virtual machines", which isolate the damage possible from applications, whether from internal implementation deficiencies or from vulnerabilities.

I discussed this concept extensively in "Disposable Virtual Machines: Deliberately Expendable", the August 23, 2010 entry in "Ruminations -- An IT Blog". This entry is accessible at This article was based upon my presentation at the 2010 Trenton Computer Festival.