Questions tagged [sandbox]
A sandbox is a security mechanism for containing and restricting untrusted programs. Such programs could contain malicious code, which would otherwise harm the user's system.
214 questions
6 votes
3 answers
902 views
Keyboard isolation in Android
I'm currently running GrapheneOS on a Pixel 6a, and I have installed several alternative keyboards from F-Droid and the Play Store. How isolated are keyboards in Android? When I enable a keyboard in ...
0 votes
1 answer
199 views
Why do sandboxes detect behaviour that isn't in the binary?
A case here: https://www.virustotal.com/gui/file/416b4499cd364f8d645e7bcd591ca4ac71ad1227e4a888c7f1d49e90445e07e2/behavior You can get the file I uploaded here (POSTNTFS.EXE inside the zip file): ...
1 vote
1 answer
54 views
What to consider when routing privileged ports to sandboxed services? net.ipv4.conf.eth0.route_localnet=1 vs CAP_NET_BIND_SERVICE
The use case is: running isolated services, either as a hardened systemd unit file -- with close to a zero score on systemd-analyze security, or a linux container. Both of those will place services ...
1 vote
0 answers
38 views
Untrusted QEMU guest with access to host partition UUID/label
I'm analyzing a system where services are isolated via QEMU. For storage, it gives each guest access to their own block device/partition on the host (for performance reasons). I'm wondering if this ...
2 votes
1 answer
279 views
Can I use SELinux to add an extra layer of protection against 0-day VM escape exploits in KVM/QEMU?
My host is Fedora, and I want to add an extra layer of protection against 0day KVM/QEMU exploits that execute code on the host. For example there have been CVEs where if we run a specially crafted ...
2 votes
0 answers
690 views
How does a hacker get access to the root user when disabling the sandbox in puppeteer, and what does it look like?
You'll see stuff like the first comment here that adding the --no-sandbox flag when launching puppeteer "is a giant security hole" (upvoted many times). Puppeteer troubleshooting docs say ...
1 vote
1 answer
160 views
Existence of sandbox to protect programs from a hostile host
As I understand it, a sandbox is an isolated environment on a machine, used to protect the host from the programs in the sandbox. Is there something similar but in reverse, for running important ...
0 votes
1 answer
1k views
How to safely download files from Telegram using Sandboxie?
I need to download certain files from Telegram. It is mostly images and videos. I am aware that even these kinds of files can contain malicious code, so I want to be 100% safe. (The files usually ...
0 votes
2 answers
285 views
Why don't we sandbox email clients company-wide?
Following on to questions like Sandbox for attachment accessment and How do I safely inspect a suspicious email attachment?. Why don't we sandbox email clients company-wide? I must be missing ...
0 votes
0 answers
251 views
How to Safely Research a Suspected Malicious Website by Using A VM [duplicate]
I am aware of a website that I suspect is, at the very least, pulling user data from visitors and possibly performing other malicious activity on visitors. Of course, the safest course of action is to ...
0 votes
0 answers
141 views
Apparmor profile for executing untrusted binaries for online judge
I am writing an online judge so I need to sandbox execution of untrusted binaries for judging and for that, I am using apparmor. Here's my current simple profile: #include <tunables/global> ...
3 votes
1 answer
11k views
Is it possible for a Virus to "leave" the Windows Sandbox (VM) and infect the host system?
I'm using Windows 11 Pro. It has a feature called "Windows Sandbox", which is basically a virtual machine. If I'm getting a Virus inside of this sandbox, is it possible for that Virus to ...
1 vote
0 answers
120 views
The simplest measures to run short code snippets securely on AWS Lambda
I would like to use AWS Lambda to run solutions to programming problems for an online courses website. So far, I use simple eval in my lambda function. However, many posts (e.g. this and this) suggest ...
0 votes
1 answer
408 views
How to know if you have downloaded a malware on a virtual machine [duplicate]
First, I'm a complete beginner, my only experience in malware is running windows defender lol. But I will try my best to learn anything that you guys recommend. My younger brother keeps downloading ...
1 vote
0 answers
265 views
Is using a singularity sandbox an effective way to increase security through isolation / compartmentalization?
I am using singularity sandboxes in my workflow for several reasons unrelated to security. However, after using it a bit, I am now wondering: is using a singularity sandbox an effective way to ...