Sandboxing Sandbox

Discussion in 'sandboxing & virtualization' started by guest, Apr 28, 2013.

Thread Status:
Not open for further replies.
  1. guest

    guest Guest

    Yes, I know it has been asked a few times here and there. I just want to verify that I got it right. Feel free to correct me if I made some mistakes. :)

    I feel a little worried when I read Hungry Man's post here, so I decided to do some readings. Based on this blog and some other sources, with my limited knowledge as an ordinary PC user, I conclude that...

    Chrome sandboxes its parts (e.g. tabs, plugins, javascript, etc) to separated processes. What happened in one part won't affect the others. This brings some advantages in stability and security. But Chrome's sandbox uses Windows' security feature. If there's a flaw in the OS and M$ just didn't patch it right in time, Chrome's security is on the line.

    OTOH, Sandboxie isolates programs and processes in a dark realm virtualized environment as a whole. So unless you're messing with the settings, any changes, written files, etc won't harm your OS until you recover it to pass the sandbox and should be uh, swept away once you cleaned the sandbox.

    Based on the conclusions above, I can safely assume that Chrome's sandbox and Sandboxie's sandbox work differently. Therefore, sandboxing Chrome with Sandboxie won't interfering each other and won't cause any problems but instead, increasing the protection. Am I right? :)

    There are a few things that I still couldn't solve yet:

    1. I heard Chrome's sandbox won't protect you form PDF exploits, is that true?
    2. Does Chrome sandbox its extensions now?
    3. Is Chrome itself is sandboxed?

    EDIT: After much thoughts, I finally decided to drop Sandboxie. Not only because I hesitate about the compatibility w/ Chrome, but also I have a lot of programs that triggers Sandboxie's software compatibility alert. Hopefully it'll be fine. :)
    Last edited by a moderator: May 1, 2013
Thread Status:
Not open for further replies.