Okay there have been from what i have seen many posts on sharing resources between sandboxes and from what i can see if we start cross sharing it may compromise security.
So i was thinking on this and heres what i came up with..
Sometimes its nice to be able to access resources out side of the current sandbox but so far the only resources accessible are from any apps that are installed outside of sandbox altogether where as everything else is in its own isolation.
Now imagine.. we want to install an app sandboxed from the main environment but we also what to share its resources with other sandboxes,
from what i can see this is impossible because once it is sandboxed its locked away..
the only way to do it is install outside of sandbox but this then changes the main environment..
solution/suggestion:
#1 Make Sandboxie itself a top level Parent with all sandboxes created inside this as normal becoming a child of the parent.
inside the sandbox. Everything and anything installed is isolated from the main top level OS but all apps resources and changes are permanent within the parent level
and because this is a parent all child sandboxes have access to all its resources. but parent processes do not have access to child resources.
typical scenario..
You want to install a bunch of plugins on your system but in isolation..
plugins are a resource that is a global item so it would normally get installed at top level of the OS not in sandbox.
but since we now have a parent in sandbox we install them there and all child sandboxes now have access to this resource
just the same as they would if they were installed at top level on the main OS.
Advantage..
top level installs get the advantage of isolation which they currently dont have.
we no longer have to install anything on top level in the OS for global access
we have another level of isolation that does not touch the top level of the OS.
This about as simple a solution i could think of without it getting to complicated for Sandboxie.
(make sense?)
What do you think??
Shared sandbox (a different approach suggestion)
Who is online
Users browsing this forum: No registered users and 1 guest
