Advanced Desktop Application Sandboxing via AppContainer

H

hjlbx

Thread author
SHvFl said:
Doesn't experimental feature of Chrome has that? Pretty sure it's the same thing. Issue is when you enable it no hooking of any program like an antivirus is possible.
Chrome & AppContainer Tweak
Click to expand...

To be honest I am not sure.

There is AppContainer and then also Windows Integrity Mechanism.

I do not know if Windows Integrity Mechanism can be used to apply restriction to app executed within AppContainer.
 
D

Deleted member 178

Thread author
Chrome's sandbox and Windows' sandbox use similar approach;. they profit from the Windows' Integrity mechanism created since Windows Vista. Chrome does it only for webpages and plugins.

AppContainer is another level of integrity introduced in Win8.

Each process has given a Token (containing its informations , integrity level, privileges)

AppContainer differs lightly with those integrity levels in the way that it implements the "Lowbox" token, which assign "capabilities" to the app ; capabilities are areas (internet access, picture/music/etc.. libraries, webcam, microphone, removable storage, etc...) the app may access or not (decided by its dev).

In Win8-10 , a broker check the original token of the process, and if possible, transform it to the Lowbox token.
 
Last edited by a moderator:
  • Like
Reactions: hjlbx
jamescv7

jamescv7

Level 85
Verified
Honorary Member
Mar 15, 2011
13,070
AppContainer is one of the subsidiary component for Sandbox and literally they act same to each other; however they operate in such different angle and not so much observe by users much.

Hence it reduce the possible vulnerability risks from the long run.
 
You must log in or register to reply here.

Similar threads

MuzzMelbourne
    • Like
    • +Reputation
    • Applause
New Update Win32 App Isolation now available in preview
Replies
1
Views
1,200
Microsoft Defender
Ink
Ink
Bot
    • Like
Emsisoft 2023.10: See what users have installed with the Application Inventory
Replies
0
Views
352
Emsisoft
Bot
Bot
Andy Ful
    • Like
    • +Reputation
    • Thanks
  • Sticky
Serious Discussion WHHLight - simplified application control for Windows Home and Pro.
Replies
265
Views
19,586
Hard_Configurator Tools
Andy Ful
Andy Ful

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top