Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Application Sandboxing is a feature of ACS an action in Application Control Solution (ACS) that limits the environments in which certain code can execute. In other words, it means running The sandbox runs a process in a Job that job object that limits its ability to interact with other processes, as well as limiting some specific types of interactions with the operating system, such as:

  • Reading or writing from the clipboard
  • Shutting down the system
  • Adjusting display settings

...

To a large extent further lock down applications in the post-Windows Vista era, most of the benefits of cross-process protection are mitigated by the Integrity Level (IL) mechanisms introduced.  sandbox, you can adjust process rights to add a restricted SID. (For more information, go to Adjust Process Rights - Restricted SID.)

Tip
titleNote

Some of the

...

Internet-facing apps today (such as

...

Internet Explorer, Chrome, Word, and Adobe Reader) already implement their own extended sandboxing. As such,

...

the sandboxing feature would not apply to them.

 

Further reading that For further reading about Application Sandboxing in Windows can be found at, go to:

Create Sandbox Action

To create a sandbox action, do the following steps:

  1. In the Security Manager Console, click the Policies tab.
  2. In the file library in the left pane, navigate to Arellia Solutions > Application Control > Actions.
  3. Right-click the Actions folder, click New, and then click Sandbox Action.
    Image Added
  4. In the Create Item dialog box, give the sandbox a Name and Description.

  5. Click Save.

    Image Added

  6. In the right-pane, set the Restrictions by selecting the check boxes.
  7. Click Save.
    Image Added

You can find the new action at the bottom of the list of Actions folders.