Sandboxing is frequently used to test unverified programs that may contain a virus or other malicious code without allowing the software to harm the host device. In the sense of providing a highly controlled environment, sandboxes may be seen as a specific example of virtualization. Network access, the ability to inspect the host system, or read from input devices are usually disallowed or heavily restricted. A sandbox typically provides a tightly controlled set of resources for guest programs to run in, such as storage and memory scratch space.
It is often used to execute untested or untrusted programs or code, possibly from unverified or untrusted third parties, suppliers, users or websites, without risking harm to the host machine or operating system. In computer security, a sandbox is a security mechanism for separating running programs, usually in an effort to mitigate system failures and/or software vulnerabilities from spreading. For the software testing environment, see Sandbox (software development). This article is about the computer security mechanism.