Sandboxing: Running Untrusted Code Safely

Sandboxing is a technique for creating confined execution environments used to run untrusted programs safely. The term derives from the Java world, where Java Applets run in a highly restricted environment with no access to the real underlying system.

How a Sandbox Works

Any files downloaded or programs executed within the sandbox are isolated from the host OS. If malware infects the sandbox session, the real system remains unaffected. Closing the sandbox erases everything within it — including infections — restoring the host to a pristine state.

Note: Files in the sandbox are not saved to the real system unless deliberately moved. If the sandbox is closed without migrating them, they are permanently lost.

ASP.NET Trust Levels

Trust Level   Restrictions
Full          Unrestricted system resource access (default)
High          Most privileges, some registry/kernel restrictions
Medium        No unmanaged code; file I/O limited to app directory
Low           No registry, event log, or OLE DB access
Minimal       Code execution only — bare minimum
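The weak default and the hardened setting side by side, as an added .NET Framework configuration example that is not from the original page: the `<trust>` element and its `level`/`originUrl` attributes are the standard ASP.NET configuration element, and placing the hardened variant in the server-level root web.config under `<location allowOverride="false">` is an assumed deployment choice so that no individual application can raise its own level.

```xml
<!-- Added example, not from the original page. Two variants of the ASP.NET
     trust configuration; each block is a separate configuration file. -->

<!-- File 1 (weak): the default. Every assembly in the application runs with
     unrestricted access to the host: file system, registry, unmanaged code. -->
<configuration>
  <system.web>
    <trust level="Full" />
  </system.web>
</configuration>

<!-- File 2 (hardened): Medium trust, applied in the server-level root
     web.config. Per the table above, unmanaged code is blocked and file I/O
     is confined to the application directory. allowOverride="false" stops
     an application's own web.config from setting the level back to High or
     Full; originUrl="" grants no outbound web permission by default. -->
<configuration>
  <location allowOverride="false">
    <system.web>
      <trust level="Medium" originUrl="" />
    </system.web>
  </location>
</configuration>
```

An application that needs a single privileged operation (an unmanaged call, a write outside its directory) should expose it through a separately reviewed, fully trusted assembly rather than raising the whole application's level.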

Sandbox Types

  • Virtual Machines (VMs): Provide a complete runtime sandbox, e.g., the Java Virtual Machine.
  • Proof-Carrying Code (PCC): Code carries a formal safety proof validated before execution. Tampering invalidates the proof.
  • Malware Analysis Sandboxes: Execute malicious samples under monitored, firewalled conditions to enable behavioural classification.

Defence Recommendations

  • Run all high-risk or unverified programs exclusively inside a sandbox.
  • Set ASP.NET trust level to Medium or lower for web application assemblies.
  • Use sandboxed VMs for malware analysis to prevent lateral spread.
  • Educate users: the protection is nullified if they browse outside the sandbox believing they are inside it.
