From: Rob Shea
Newsgroups: comp.lang.ada
Subject: Re: Arbitrary Sandbox
Date: Thu, 9 Feb 2012 20:41:05 -0800 (PST)
References: <8e83f2be-c6e9-4b0b-b53c-d50fe70d01e1@pq6g2000pbc.googlegroups.com>

Thank you for all the feedback Shark8

> The use of the term "Sandbox" suggests security is a primary goal. Ada
> was invented for the military.

True, and that is a bit point in favour.

> > The idea is a Windows test station sandbox where arbitrary
> > applications can be executed, but cannot make system changes or
> > transmit data.
>
> Could you be more specific? That sounds like a computer running
> Windows, alone in a dedicated room, with no connections to the outside.

Well, virtually speaking, that is exactly what I want... literally speaking it's a Windows system, networked, with removable disks, that needs to run untrusted code processing untrusted data. This untrusted data and the system, network, printer, USB, etc. must be immutable. A read-only compartment that can run arbitrary, dangerous, code, safely. In other words, a very simple and restrictive, operating system level virtualization tool for Windows, that can be initiated by unprivileged users.

cheers,
rob