Questions tagged [sandbox]
A sandbox is a security mechanism for containing and restricting untrusted programs. Such programs could contain malicious code, which would otherwise harm the user's system.
214 questions
6 votes, 3 answers, 1k views
Keyboard isolation in Android
I'm currently running GrapheneOS on a Pixel 6a, and I have installed several alternative keyboards from F-Droid and the Play Store.
How isolated are keyboards in Android? When I enable a keyboard in ...
0 votes, 1 answer, 247 views
Why do sandboxes detect behaviour that isn't in the binary?
A case here: https://www.virustotal.com/gui/file/416b4499cd364f8d645e7bcd591ca4ac71ad1227e4a888c7f1d49e90445e07e2/behavior
You can get the file I uploaded here (POSTNTFS.EXE inside the zip file): ...
1 vote, 1 answer, 87 views
What to consider when routing privileged ports to sandboxed services? net.ipv4.conf.eth0.route_localnet=1 vs CAP_NET_BIND_SERVICE
The use case is: running isolated services, either as a hardened systemd unit file -- with close to a zero score on systemd-analyze security, or a Linux container.
Both of those will place services ...
1 vote, 0 answers, 63 views
Untrusted QEMU guest with access to host partition UUID/label
I'm analyzing a system where services are isolated via QEMU. For storage, it gives each guest access to their own block device/partition on the host (for performance reasons).
I'm wondering if this ...
2 votes, 1 answer, 382 views
Can I use SELinux to add an extra layer of protection against 0-day VM escape exploits in KVM/QEMU?
My host is Fedora, and I want to add an extra layer of protection against 0day KVM/QEMU exploits that execute code on the host. For example there have been CVEs where if we run a specially crafted ...
3 votes, 0 answers, 802 views
How does a hacker get access to the root user when disabling the sandbox in puppeteer, and what does it look like?
You'll see stuff like the first comment here that adding the --no-sandbox flag when launching puppeteer "is a giant security hole" (upvoted many times). Puppeteer troubleshooting docs say ...
1 vote, 1 answer, 186 views
Existence of sandbox to protect programs from a hostile host
As I understand it, a sandbox is an isolated environment on a machine, used to protect the host from the programs in the sandbox.
Is there something similar but in reverse, for running important ...
0 votes, 1 answer, 2k views
How to safely download files from Telegram using Sandboxie?
I need to download certain files from Telegram. It is mostly images and videos. I am aware that even these kinds of files can contain malicious code, so I want to be 100% safe. (The files usually ...
0 votes, 2 answers, 344 views
Why don't we sandbox email clients company-wide?
Following on to questions like Sandbox for attachment accessment and How do I safely inspect a suspicious email attachment?.
Why don't we sandbox email clients company-wide?
I must be missing ...
0 votes, 0 answers, 299 views
How to Safely Research a Suspected Malicious Website by Using A VM [duplicate]
I am aware of a website that I suspect is, at the very least, pulling user data from visitors and possibly performing other malicious activity on visitors. Of course, the safest course of action is to ...
0 votes, 0 answers, 177 views
Apparmor profile for executing untrusted binaries for online judge
I am writing an online judge so I need to sandbox execution of untrusted binaries for judging and for that, I am using apparmor. Here's my current simple profile:
#include <tunables/global>
...
3 votes, 1 answer, 13k views
Is it possible for a Virus to "leave" the Windows Sandbox (VM) and infect the host system?
I'm using Windows 11 Pro. It has a feature called "Windows Sandbox", which is basically a virtual machine.
If I'm getting a Virus inside of this sandbox, is it possible for that Virus to ...
1 vote, 0 answers, 153 views
The simplest measures to run short code snippets securely on AWS Lambda
I would like to use AWS Lambda to run solutions to programming problems for an online courses website. So far, I use simple eval in my lambda function. However, many posts (e.g. this and this) suggest ...
0 votes, 1 answer, 455 views
How to know if you have downloaded a malware on a virtual machine [duplicate]
First, I'm a complete beginner, my only experience in malware is running Windows Defender lol. But I will try my best to learn anything that you guys recommend.
My younger brother keeps downloading ...
1 vote, 0 answers, 295 views
Is using a singularity sandbox an effective way to increase security through isolation / compartmentalization?
I am using singularity sandboxes in my workflow for several reasons unrelated to security. However, after using it a bit, I am now wondering: is using a singularity sandbox an effective way to ...