Should applications be sandboxed?

[mr tribute]

This is a question I don't have a definitive answer to, but I think many platform developers are currently thinking about this. As a Free Open Source Software supporter I think FOSS is the most natural way to keep software in check.

If I install something I basically think:
1. Is this FOSS?
2. Do I trust the dev and are they accessible and is the source easily available? One example could be software that is on GitHub (for example) where the dev is responsive and comment on issues etc. A project with a long and "flawless" history will naturally be more trusted.

Application sandboxing is a way to protect from malware or spying, but the question is if it is an effective way. Malware infections can be stopped by antivirus. Antivirus is annoying, but probably important on any platform that becomes popular. I think a Mac can still be run without antivirus, but I think there is a function called Gatekeeper that only allows you to install Apple approved software by default.

Spying is much harder to protect against because what is the difference between spying and telemetry? That question can be impossible to answer. So to protect from unauthorized access a system will grant permissions to applications. So let's say you install a random application, why not Pale Moon.

The system will then ask you if you want to give Pale Moon access to the filesystem (Downloads folder), microphone, camera and in some cases if you want to give Pale Moon access to the Internet. There is something ridiculous about application sandboxing, but I can't quite put my finger on it.

I think application sandboxing comes from the mobile world where low quality and proprietary software from shady developers are plentiful. I don't think application sandboxing adds much value to a desktop system, mostly annoyance. I don't know how Win32 applications are treated on Windows 11; if they just install and launch normally or if Microsoft has put controls in place similar to those controls available for UWP apps.

Ultimately I think application sandboxing feels like an alien concept on a desktop platform. If an application is so bad that it needs to be sandboxed, then it is an application related problem. Also, how is one supposed to use this bad application without punching holes in the sandbox? Either you use a bad application or you don't. How can sandboxing help you if you have decided to use a bad application?

[vannilla]

If sandbox is merely blocking access to resources then it's quite useless.
Sandbox should be creating a space the application can access normally while making it impossible to access anything that is not inside the box.

[Moonchild]

Actually, sandboxie had the right idea, I think.
Not block the untrusted application from accessing data, per se, but preventing it from making changes to what it accesses.

As for spying, well, that's not really preventable because you're interacting with the application and the application will want to have access to the 'net, so that is completely isolated from whatever else is on your system.

[jangdonggun1234]

Actually, sandboxie had the right idea, I think.
Not block the untrusted application from accessing data, per se, but preventing it from making changes to what it accesses.

As for spying, well, that's not really preventable because you're interacting with the application and the application will want to have access to the 'net, so that is completely isolated from whatever else is on your system.

I only use sandbox to run unknown softwares/games, because first I don't want them to mess up with my registry, creating files in my winsxs folder, second that lower the chance of my computer getting infected by virus.

[Mæstro]

Spying is much harder to protect against because what is the difference between spying and telemetry? That question can be impossible to answer.

One word is Frankish; the other is Greek. The deeds themselves are the same, but whenever we bury something under southern words, it seems much kinder than it truly is.

[therube]

Off-topic:

I think FOSS is the most natural way to keep software in check

How so, but that's really immaterial to your question.

.
.
If I install something I basically think:
1. it goes into the sandbox

GitHub (for example) where the dev is responsive and comment on issues etc

And that means that it is "safe" (in whatever way you want to interpret, safe)?

sandboxing is a way to protect from malware or spying

I say, protect from malware affecting anything outside of the sandbox ( - hopefully).
As far as spying, I don't see how that would be thwarted.

Malware infections can be stopped by antivirus

Arguable.

I think a Mac can still be run without antivirus

As can Windows. (I do.)
(Some might think that to be unsafe.)

what is the difference between spying and telemetry?

There is none.

I think application sandboxing comes from the mobile world where low quality and proprietary software from shady developers are plentiful.

Like that doesn't exist outside of mobile?

I don't think application sandboxing adds much value to a desktop system

I don't understand the differential - mobile vs. desktop?
If mobile is "so bad", how is desktop also not "so bad"?

sandboxing feels like an alien concept on a desktop platform

I'd think that arbitrarily throwing something onto your (let's say) desktop should be an alien concept.
Alas, it is not. It is what everyone does - without thinking.
(Well, almost everyone.)
Might that be the reason that... .

If an application is so bad that it needs to be sandboxed, then it is an application related problem.

Then at that point, why are you using it?

Either you use a bad application or you don't.

There you go. Either you use it, or you don't - period.
If you do, then you're left to whatever the program does.

If you want to dabble, throw it into the sandbox & hope it does not get out.

How can sandboxing help you if you have decided to use a bad application?

Hopefully by not affecting anything outside of the sandbox.


(I'm trying to think of a "bad" application that I would only run sandboxed ...?)


I don't typically "run" a program, sandboxed.
I test a program in a sandbox.
And if it tests OK, if I'm comfortable with it, then I let it out (assuming it were something I would use regularly).
I do have a few programs that I dabble with, that I do keep in a sandbox - only because I'll only use them only once in a while, & I'm not really up to speed on the program, so if I can dabble that way, I needn't really be concerned about it.
If it got to the point where I was fairly proficient in the program & was using it regularly & was comfortable with it, then, I would bring it out.