
	Where results make sense

Topic: Sandbox (security)

Related Topics

Mozilla Firefox

Display resolution

Computer display

Computer display standard

Genetic engineering

Tesco

Music of Ethiopia

In the News (Tue 22 Dec 09)

Northern Trust

Marvin Harrison

Peter Chernin

Gary Locke

Match Play

Penelope Cruz

Mickey Rourke

AR Rahman

Danny Boyle

Hugh Jackman

	Sandbox (computer security) - Wikipedia, the free encyclopedia
		The sandbox typically provides a tightly-controlled set of resources for guest programs to run in, such as scratch space on disk and memory.
		The guest operating system is sandboxed in the sense that it does not run natively on the host and can only affect it through the intermediary emulator and its effect upon shared resources, such as hard disk space.
		The term "sandbox" is also used much more generally in computing to refer to a testing environment for software (including website) and even content development; see the sandbox (software development) article for this broader usage.
	en.wikipedia.org /wiki/Sandbox_(computer_security) (336 words)

	Why Security?
		Security is important because networks represent a potential avenue of attack to any computer hooked to them.
		Because the sandbox security model imposes strict controls on what untrusted code can and cannot do, users are able to run untrusted code with relative safety.
		One of the greatest strengths of Java's sandbox security model is that two of these components, the class loader and security manager, are customizable.
	www.artima.com /insidejvm/ed2/security.html (1370 words)

	Macromedia - Developer Center : ColdFusion Security, Part I: Understanding Sandbox/Resource Security
		For those using ColdFusion MX Enterprise Edition, the feature is referred to as “sandbox security” while in Professional Edition, it’s referred to as "resource security." The terms are often used interchangeably, which has contributed to some confusion.
		Of course, database security control is another important measure of defense, but especially in a shared environment you might want to prevent ColdFusion code in one application from being able to access a data source belonging to another application.
		Indeed, these are referred to as "sandboxes" (hence the name) and are specified as the access controls that apply for all code in a given directory.
	www.adobe.com /devnet/security/articles/sandbox_01.html (1777 words)

	ColdFusion MX 7 -- Using sandbox security -- Version 7
		Sandbox security (called Resource security in the Standard Edition) uses the location of your ColdFusion pages to control access to ColdFusion resources.
		Sandbox security lets you specify which tags, functions, and resources (for example, files, directories, and data sources) can be used by ColdFusion pages located in and under the designated directory.
		If you also define a sandbox for the rnd directory, the rnd sandbox settings also apply to the dev and qa directories; the wwwroot and sales directories maintain their original settings; and the rnd settings override the wwwroot directory settings for the rnd directory and its subdirectories.
	livedocs.macromedia.com /coldfusion/7/htmldocs/00001766.htm (622 words)

	What is sandbox? - A Word Definition From the Webopedia Computer Dictionary
		The sandbox is a set of rules that are used when creating an applet that prevents certain functions when the applet is sent as part of a Web page.
		The sandbox creates an environment in which there are strict limitations on what system resources the applet can request or access.
		Sandboxes are used when executable code comes from unknown or untrusted sources and allow the user to run untrusted code safely.
	www.webopedia.com /TERM/S/sandbox.html (552 words)

	sandbox - a Whatis.com definition
		Using the Java programming language and development environment, the sandbox is the program area and set of rules that programmers need to use when creating Java code (called an applet) that is sent as part of a page.
		The sandbox is implemented not only by requiring programmers to conform to certain rules but also by providing code checkers.
		In the original sandbox security model, the sandbox code is generally known as untrusted code.
	searchsecurity.techtarget.com /gDefinition/0,,sid14_gci283994,00.html (490 words)

	Configure ColdFusion MX security
		Edit security permissions for files and directories Enable tags and functions within the sandbox to access files and directories outside of the sandbox.
		Edit security permissions for servers and ports Specify the IP addresses, ports, and port ranges that the ColdFusion tags can use to call third-party resources.
		Thus, sandbox security lets you specify which tags, functions, and resources (for example, files, directories, and data sources) can be used by ColdFusion pages located in and beneath the designated directory.
	www.pwrc.usgs.gov /cfide/administrator/help/sandbox_sec.htm (922 words)

	The Base Java Security Model: The Original Applet Sandbox (Chapter Two) [Securing Java]
		Security concerns have always been one of the major technical stumbling blocks to achieving safe mobile code.
		Since the Java sandbox model has been widely distributed to millions of users with their Web browsers, it is safe to say that the Java sandbox is today's most widely used sandbox model.
		With the introduction of JDK 1.1, Java's sandbox model underwent a state transition from a required model applied equally to all Java applets to a malleable system that could be expanded and personalized on an applet-by-applet basis.
	www.securingjava.com /chapter-two (674 words)

	Using sandbox security
		Sandbox security uses the location of your ColdFusion pages to control access to ColdFusion resources.
		This hierarchical arrangement of security permits the rapid configuration of personalized sandboxes for users with different security levels.
		If your security requirements are minimal and you do not need additional sandboxes, configure the default sandbox so that the child directories will inherit its security settings.
	www.co.multnomah.or.us /cfdocs/Administering_ColdFusion_MX/Security3.html (1029 words)

	Wireless Java Security
		The basic idea of the sandbox is that local code is trusted and can have full access to the underlying file system, and downloaded remote code is untrusted and can access only limited resources provided inside the sandbox.
		The type of security provided by the class verifier is limited to validating that a given Java class is a valid class but not more.
		The KVM provides a sandbox security model that is different from the conventional Java sandbox model in the sense that it does not control access through the
	developers.sun.com /techtopics/mobility/midp/articles/security (2033 words)

	Building a bigger sandbox - Java World
		Discussions of Java's security model always seem to involve mention of the so-called sandbox security model.
		Security managers exist to enforce the rules of the sandbox.
		The sandbox concept is fairly simple: When you run a piece of Java code, you may want the sandbox to provide an area for the code to do what it needs to do.
	www.javaworld.com /javaworld/jw-08-1998/jw-08-sandbox.html (594 words)

	Java Security Architecture: -
		The original security model provided by the Java platform is known as the sandbox model, which existed in order to provide a very restricted environment in which to run untrusted code obtained from the open network.
		The essence of the sandbox model is that local code is trusted to have full access to vital system resources (such as the file system) while downloaded remote code (an applet) is not trusted and can access only the limited resources provided inside the sandbox.
		The sandbox model was deployed through the Java Development Kit (JDK), and was generally adopted by applications built with JDK 1.0, including Java-enabled web browsers.
	java.sun.com /j2se/1.4.2/docs/guide/security/spec/security-spec.doc1.html (832 words)

	Information Security Magazine (Site not responding. Last check: 2007-11-07)
		One of the central security concepts of the original Java security model is that possibly dangerous (untrusted) code can safely run on a VM, which ensures security with the traditional Java sandbox security model.
		Risk-based security testing (linked directly to risk analysis findings) of the combined system helps to ensure that cards adhere to critical design features and will thus be able to perform in a secure manner in the field.
		Additional security testing must be performed on each of the applets to be loaded to the card in Visa's and its members' system, ensuring that no applet introduces unacceptable security risk.
	infosecuritymag.techtarget.com /articles/march01/cover.shtml (3238 words)

	Java SE Security
		Java security technology provides the developer with a comprehensive security framework for writing applications, and also provides the user or administrator with a set of tools to securely manage applications.
		Security features — cryptography, authentication and authorization, public key infrastructure, and more — are built in.
		The Java security model is based on a customizable "sandbox" in which Java software programs can run safely, without potential risk to systems or users.
	java.sun.com /javase/technologies/security/index.jsp (604 words)

	Understanding the keys to Java security -- the sandbox and authentication - Java World
		You may have heard about the latest flaw in the security of JDK 1.1 and HotJava 1.0 that was recently discovered by the Secure Internet Programming team at Princeton University (led by one of the authors).
		Whenever a security hole is discovered, the story blasts into the computer news (and sometimes the business news) very quickly.
		The main goal was to address the security issue head-on so that naive users (say, a majority of the millions of Web surfers) would not have to become security experts just to safely peruse the Web.
	www.javaworld.com /javaworld/jw-05-1997/jw-05-security.html (629 words)

	Sandbox - Wikipedia, the free encyclopedia
		Sandbox (railways), used to improve traction between the metal wheels and rails used in train, subway and streetcar systems, and buses
		Sandbox (or sand table), a box of sand used in military education and training, in conjunction with scale models, to model terrain and demonstrate tactics.
		"Sandbox", a U.S. military slang term, used since at least the late 1990s to refer generally to locations in the Middle East.
	en.wikipedia.org /wiki/Sandbox (269 words)

	Security Software Slaps IE In "Sandbox" To Ward Off Threats - Security Technology News by TechWeb
		The approach blocks some malware from reaching the operating system and lets users "wipe" the browser slate clean to return IE to a pristine state.
		Security analyst Richard Stiennon of IT-Harvest agreed, and then some.
		Today, organizations are challenged with creating a new security management model that weaves disparate security elements into a single, centralized security architecture that is easy to install, easy to manage, and easy on the budget.
	www.techweb.com /wire/security/189601972 (825 words)

	New Issues in Java Security [Java Security Web Site]
		Unlike the base Java security situation, in which an applet has to run in the sandbox and is limited in the sorts of things it can do, an ActiveX control has no limitations on its behavior once it is invoked.
		Such a relaxation of the security model is important for developers who are chomping at the bit for their applets to do more.
		At the same time the Java security landscape is undergoing major changes with the introduction of JDK 1.2, Java is also downsizing into a platform for smart cards.
	www.cigital.com /javasecurity/compstrat.html (4222 words)

	Java Sandbox (Site not responding. Last check: 2007-11-07)
		The sandbox security concept was invented to reassure users of the net that downloaded Java code (called Applets) was safe.
		The default security manager is loaded automatically when the JVM runs an applet, but you have to load it explicitly if you wish to enhance security when the JVM runs a local application.
		This is because the default security manager is the same as that used to control applets.) This is the same behaviour as the applet.
	www.ryerson.ca /~dgrimsha/courses/cps530/sandbox.html (628 words)

	About resource and sandbox security (Site not responding. Last check: 2007-11-07)
		Sandbox security is a superset of resource security.
		If you create a sandbox that is a subdirectory of a sandbox, the subdirectory's rules override the parent directory's rules.
		Sandbox security also lets you structure and partition an application to reflect the access rights that are appropriate to different functional components.
	www.nksd.net /cfdocs/htmldocs/00001177.htm (457 words)

	Java's Security Architecture
		You achieved security by being careful only to use software from trusted sources, and by regularly scanning for viruses just to make sure things were safe.
		Instead of security being established by requiring you to prevent any code you don't trust from ever making its way onto your computer, the sandbox model lets you welcome code from any source.
		One of the greatest strengths of Java's security model is that two of the four components shown in the above list, the class loader and the security manager, are customizable.
	www.artima.com /underthehood/overviewsecurity2.html (530 words)

	Beyond the Sandbox: Signed Code and Java 2 (Chapter Three) [Securing Java]
		In essence, the three parts of the sandbox explained in the previous chapter implement a language-based security enforcer.
		With the introduction of code signing in JDK 1.1, Java's sandbox model underwent a state transition from a required model applied equally to all Java applets to a malleable system that could be expanded and personalized on an applet-by-applet basis.
		After we remind ourselves of the main goal of the new security model, we are ready to trace its evolution.
	www.securingjava.com /chapter-three (495 words)

	Macromedia - MPSB04-01 Security Patch available for ColdFusion MX sandbox security
		The sandbox cannot be compromised externally, but programmers operating in a shared, hosted environment could be vulnerable.
		Sandbox Security patch (7 KB ZIP) should be downloaded and applied to affected versions of ColdFusion MX 6.1.
		If you identify what you believe may be a security issue with a Macromedia product, please send an email to secure@macromedia.com.
	www.macromedia.com /devnet/security/security_zone/mpsb04-01.html (531 words)

	Fortres Grand Corporation: Virtual Sandbox
		Virtual Sandbox is a secure software system designed to allow unknown or untrusted programs to be run in an isolated environment without access to personal files, local networks, and system settings.
		With Virtual Sandbox installed, programs can be allowed to run in a discardable, carefully tailored, virtual environment that is contained and isolated from the operating system, but appears on your Windows desktop.
		Virtual Sandbox allows favorites to be mapped into a synthetic profile and for new favorites to be saved persistently in the user’s real profile without providing general access to the real profile.
	www.fortresgrand.com /products/vsb/vsb.htm (1085 words)

	The eBay Sandbox — eBay Developers Program
		When testing in the sandbox, API calls should be posted to the Sandbox Gateway URL https://api.sandbox.ebay.com/ws/api.dll.
		The sandbox GUI site is located at http://www.sandbox.ebay.com and can be used to view your test transactions and test the complete auction cycle.
		Sandbox Keys information you received when you joined the program.
	developer.ebay.com /support/tools/sandbox (381 words)

	:: NORMAN :: Antivirus \| Firewall \| Network security (Site not responding. Last check: 2007-11-07)
		When a file is scanned the first time after the NVC scan engine is initialized, a simulated computer is actually booted in the computer's memory.
		In other "sandbox" solutions, you will see that only parts of the environment is virtualized - the bulk of the code runs on real CPU, and when this code tries to f.ex.
		Norman is one of the world’s leading companies within the field of data security.
	www.norman.com /Virus/13927/en (520 words)

	Security Tradeoffs: Java vs. ActiveX
		Think of the sandbox as a security fence that surrounds the program and keeps it away from your private data.
		When Java security does break down, the potential consequences are just as bad as those of an ActiveX problem: a hostile program can come to your machine and access your data at will.
		Plug-ins have the same security model as ActiveX: when you download a plug-in, you are trusting it to be harmless.
	www.cs.princeton.edu /sip/java-vs-activex.html (1396 words)

	Virtual Sandbox - Wilders Security Forums
		It still seems to me that DW should be a killer security app, but I am very surprised that it hasn't created more of a stir at Wilder's.
		As about sandbox HIPS- the thing is that, originally, sandbox HIPS are for the regular (non-technical) users.
		Even though virtual sandbox prompts all of the time for any new "unknown" program that is trying to run, I sort of like that part about it in the sense that if I don't know about it, I'd like to see what it's all about before I let it run freely.
	www.wilderssecurity.com /showthread.php?t=125370 (1777 words)

Try your search on: Qwika (all wikis)