The methods of sandboxing and isolation
|Ján Lieskovský (Red Hat)
In the talk we will present various applied techniques for sandboxing and isolation. Starting with description of ways for isolation in selected programming languages, we will proceed to describe the concepts used in various implementations of a fully-fledged sandbox at application level (design philosophy, limitations). Using the presented information to outline expectations for a sandbox solution, we will progress to detail chosen features of modern operating systems applicable and already used for sandbox implementation at OS level. We will take a look how these features are integrated into existing sandboxing solutions. Finally at the end we will see how the concept of sandbox can be used to implement OS independent software / application development platforms, what approaches are used there, discuss selected working prototypes of this effort, and sketch where the development in this area might be heading in the future. Note: The slides will be in English, but the talk will be held in Slovak.