Let's sandbox the lot!

Yesterday, two stories emerged which caught my attention: the first said that Dell has created a version of Firefox that runs in a sandbox; the second said that Adobe are going to sandbox Reader.

I find it interesting that this is being done for the reasons it is being done. Chrome sandboxes tabs, IIRC, to enhance performance; if something crashes it only crashes that tab, not the whole browser.

By sandboxing something like Adobe Reader, all you are doing is saying “We really can’t be arsed to fix this, let’s put it in a situation where it doesn’t need to be fixed”. Isn’t that like having a leaky bucket and, rather than patching it, just putting it into a larger bucket? It works, but it’s lazy.

Is this the new lazy era of computing?* If it’s a security risk shove it in a sandbox?

*The previous era being lack of memory management and consideration for CPU usage, because the hardware will support anything we write.

