Most mainstream browsers come with their own sandboxes to keep your computer safer. This post looks at what is a Browser Sandbox, how to use it, or disable it completely on Google Chrome, Microsoft Edge, and Mozilla Firefox.
What is a Browser Sandbox?
A Sandbox allows your kids to play with sand without the sand scattering everywhere in your garden. This is because the sand is enclosed in a box with high walls. The same happens with sandboxes in computers. When you want to test your new app or something else without spoiling the whole computer, you can build a sandbox using Windows 10 Sandbox feature or by using third-party tools. You can then install your app into the sandbox and check it without having to worry about breaking the computer.
Browsers – most of them – already have a sandbox to enhance your computer protection. The idea of browser sandboxes is to protect your computer from the side-effects of browsing. Even the best of websites may be hosting malicious code without their knowledge. Thus, what happens is, if a website downloads any malicious code, it is downloaded to the sandbox part of the computer. When the sandbox is closed, everything inside it is erased, including the malicious code.
Firefox Sandbox
Firefox runs untrusted code in a sandbox so that the computer stays protected in case something malicious happens. Firefox runs in two parts: one is the parent and the others are child processes. While working on the Internet, untrusted processes are run in Firefox sandbox. This helps in containing the contamination in case there is any. While the child processes are run in Sandbox, the parent part acts as a mediator between the child process and the rest of the computer resources.
Users can change the sandboxing level in Firefox to make it stricter or easier. At 0, Firefox is least restrictive; level 2 is balanced and current; level 3 will be highly restrictive. To see which level Firefox is using, type the following in the address bar and press Enter key:
about:config
It will load the Firefox configurable variables on the page. That done, press CTRL+F after placing the cursor in the config page anywhere. In the Find box, enter the following code and press Enter key:
security.sandbox.content.level
The value returned by the function is the current level of sandboxing being used by Firefox.
Chromium Browser Sandbox
Chromium is used by both Microsoft Edge and Google Chrome browsers. Basically, their sandbox too works as the one explained above in the Firefox section.
There are two parts – The broker process, and the target process. The browser process is the broker process while the child processes are called target processes. All codes run by the target processes run in the sandbox. The other part is called the broker process because it acts between the child process and other computer resources so as to supply the child processes with the resources they want.
In Windows 10 Pro and above editions, you can use Windows Sandbox for running Microsoft Edge.
How to turn off Google Chrome Sandbox?
To turn off the Google Chrome Sandbox right-click on its icon. Click on Properties and then on the Shortcut tab in the dialog box that appears.
Add the following to the app path being shown in the Target:
--no-sandbox
Henceforth, whenever you click the Chrome icon, it will load Chrome without a sandbox.
Using Microsoft Edge in the Sandbox
When you start the Windows 10 Sandbox, you will get a new desktop with only Recycle Bin and Edge shortcut. It shows Start Menu and other icons, but they don’t really work in this sandboxed operating system. You can open them in the main Windows 10 instead of sandboxed Windows 10.
You can start Edge from this sandboxed Windows 10 environment for browsing with maximum security. Once you close the sandbox, after working on Edge for a while, no one can trace what you did on the Internet. Your ISP may create a log of what you did but no one can check those activities that you performed using Edge in the sandbox.
As with other data, if any website downloads malware to your system, the malware too would vanish when you close the sandbox.
Notes:
- Using a sandboxed environment for browsers won’t make it 100% safe. It happens that some parts of the browser extend beyond the sandbox, especially if they are still using Flash and ActiveX elements. These can be compromised and then the cybercriminals can access your computers.
- You can also create a sandbox using third-party tools such as Sandboxie if you do not want to use Edge but some other browser. You just need to turn on the sandbox program you are using and when the sandbox is created, you can install the browsers there. Know that closing the sandboxing will clear all the contents of the sandbox. So, if you want to use Firefox again in a sandbox, you will have to create a sandbox and install it again.
The above explains what browser sandbox is and how to use and disable it. Let us know your views and ideas related to browser sandbox and security by commenting below.