I have a few questions about sandboxes and VMs

By mretzloff
Mar 21, 2008
  1. Hello. It would be great if anyone could answer my questions.

    What's the difference between a sandbox and a virtual machine? When using either, your system cannot be harmed, correct? Are there any downsides to using either?
  2. jobeard

    jobeard TS Ambassador Posts: 9,147   +597

    good questions!

    A Virtual Machine(VM) runs on a real hardward+OS environment while pretending
    to be something else; A different OS and usually a very different environment.
    By that I mean, that programs running in the VM do not see the resources of the real
    HW+OS but only the VM. The VM is a great lier -- it misrepresents the size of RAM and the
    programs that are running on the "system". Any change to what appears to be the registry
    (or any other resource) do not effect the real registry -- (or that's the way it SHOULD BE).

    A sandbox sounds very similar but operates differently. It relies upon the protection system to be effective
    and then creates duplicates of critical resources and places them in a separate
    directory. That directory on the real system is then made to look as if it were the
    whole partition! If the permission system is effective, then the sandbox will allow
    programs to fuss with anything IN the sandbox but protect everything OUTSIDE it.
    In the Linux world, invoking CHROOT is the means to create the sandbox

    Btw: Dual boot systems are neither of these approaches as the choice at boot time
    excludes the other environment.

    There are reasons to prefer one over the other. In the Mac OS X 10.4 environment, the Parallels Desktop is an example of the VM approach. Both
    Windows and Mac run "in parallel" and you can even copy/paste from one to the other.

    If I didn't need the parallelism, I would opt for the sandbox technique because:
    1. system maintenance is unaffected
    2. system drivers do not get modified
    3. security (logon, permissions, & network) are still managed as before
Topic Status:
Not open for further replies.

Similar Topics

Add New Comment

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...