Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 6 Next »

Application Sandboxing is an Application Control Solution (ACS) action that limits the environments in which certain code can execute. The sandbox runs a process in a job object that limits its ability to interact with other processes, as well as limiting some specific types of interactions with the operating system, such as:

  • Reading or writing from the clipboard
  • Shutting down the system
  • Adjusting display settings

to further lock down applications in the sandbox, you can adjust process rights to add a restricted SID. (For more information, go to [REVIEW] Adjust Process Rights Improvements.)

 

Some of the internet facing apps today (such as Internet Explorer, Chrome, Word, Adobe Reader) already implement their own extended sandboxing. As such, this feature would not apply to them.

"You can place multiple apps in the same sandbox.

 

For further reading about Application Sandboxing in Windows, go to:

Create Sandbox Action

To create a sandbox action, do the following steps:

  1. In the Security Manager Console, click the Policies tab.
  2. In the file library in the left pane, navigate to Arellia Solutions > Application Control > Actions.
  3. Right-click the Actions folder, click New, and then click Sandbox Action.
  4. In the Create Item dialog box, give the sandbox a name, description and classification.
  5. Click Save.



  6. In the right-pane, set the Restrictions by selecting the check boxes.
  7. Click Save.

You can find the new action at the bottom of the list of Actions folders.

 

Related Links

 

  • No labels