Friday, June 24, 2005

Sandboxing

What would be the ultimate sandbox environment to help protect you from the bad guys on the Internet?

Well, running in Virtual PC is one way. If something rogue takes over your system, it's really only taking over the Virtual PC. Of course, for the normal person, this means that you need to buy an OS license for the VPC's installed OS.

Wouldn't it be cool if your browser (or OS) would abstract out access to the hard drive, and make all writes occur to a virtual/differencing/undo drive?!!

Think of it like this: you run an ActiveX control in your browser, and it needs to write to disk. Maybe this writing to disk is just installing the control in the first place. Doesn't matter, because what we want to avoid is allowing something from the Internet to persist to the live hard drive.

The OS intercepts the disk I/O, and instead of denying the request (which breaks the ActiveX control), it simply writes to a shadow drive. When the ActiveX control reads from disk, the shadow information supersedes any real-disk information (i.e., if no shadow info exists for the requested I/O, then real-disk info is provided, if allowed). So the ActiveX control really isn't aware that it's not looking at the real drive. And this shadow information can be thrown away after the session ends.
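As an added example (not code from the post), here is a toy Python model of the shadow drive just described: files are a dict of path to bytes (constructed sample data), the read policy that hides the user profile directory is a hypothetical stand-in for the "if allowed" check, and deletes are recorded as whiteouts, a detail the post does not spell out.

```python
# Added example, not the post's code: toy shadow drive over a dict of path -> bytes.
class ShadowDisk:
    def __init__(self, real_disk, read_allowed=lambda path: True):
        self.real = real_disk              # live disk: never written through
        self.shadow = {}                   # path -> bytes written this session
        self.deleted = set()               # whiteouts: paths deleted in shadow
        self.read_allowed = read_allowed   # policy for exposing real-disk data

    def write(self, path, data):
        # Every write lands in the shadow layer; the real disk stays untouched.
        self.deleted.discard(path)
        self.shadow[path] = data

    def delete(self, path):
        # A delete is recorded as a whiteout rather than removing a real file.
        self.shadow.pop(path, None)
        self.deleted.add(path)

    def read(self, path):
        # Shadow data supersedes real-disk data; whiteouts hide real files.
        if path in self.deleted:
            raise FileNotFoundError(path)
        if path in self.shadow:
            return self.shadow[path]
        if path in self.real and self.read_allowed(path):
            return self.real[path]
        raise FileNotFoundError(path)

    def end_session(self):
        # Throw away everything the sandboxed component did this session.
        self.shadow.clear()
        self.deleted.clear()

def demo():
    # Constructed sample disk; the hypothetical policy refuses reads under the profile dir.
    real = {"C:/users/me/creds.txt": b"SECRET", "C:/public/readme.txt": b"hello"}
    disk = ShadowDisk(real, read_allowed=lambda p: not p.startswith("C:/users/"))
    disk.write("C:/Windows/Downloaded Program Files/ctl.ocx", b"MZ")  # install
    disk.write("C:/public/readme.txt", b"changed")                      # modify
    seen = {"own_install": disk.read("C:/Windows/Downloaded Program Files/ctl.ocx"),
            "own_change": disk.read("C:/public/readme.txt")}
    try:
        seen["creds"] = disk.read("C:/users/me/creds.txt")
    except FileNotFoundError:
        seen["creds"] = None                # real data exists but policy hides it
    disk.end_session()
    seen["after_session"] = (dict(real), dict(disk.shadow))
    return seen
```

The control sees its own install and its own edits, never sees the hidden credential file, and the real disk is identical after the session ends.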

Surely, this needs to be thought out some more. I just wanted to record the thought while it was more or less fresh in my mind.