![]() ![]() It relies on the Microsoft hypervisor to run a separate kernel that isolates Windows Sandbox from the host. Secure: Uses hardware-based virtualization for kernel isolation. According to the official documentation, the Sandbox shares both the host's immutable system files, as well as the physical memory pages.ĭespite that, Microsoft seems to remain confident that their solution is secure as implied by one of bullet points mentioned in the Sandbox overview: If I understand things correctly, everything that in theory can be safely shared between the host and the guest, gets shared. Windows Sandbox claims to "achieve a combination of security, density, and performance that isn't available in traditional VMs", by leveraging a different approach to memory and disk management. But for the purpose of this question, let us just consider the host-guest scenarios. Of course, that is considering the VM actually does the job it's supposed to do.Ī little disclaimer beforehand - I've read the article Beware the perils of Windows Sandbox at Magnitude8, describing how the Windows Sandbox comes with a NAT pre-enabled and thus any malware running on the guest would still get a direct access to your intranet, which is already a large problem. It makes adding an extra layer of security to any thing I want to do so easy - just launch the sandbox application in a matter of seconds and you're done. The idea of having a fast, disposable VM at the palm of my hand appeals to me very much.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |