Practical Sandboxing: Techniques For Isolating Processes presented at Blackhat USA 2007

by David Leblanc,

Tags: Security

Summary : The sandbox created for the Microsoft
Office Isolated Converter Environment will be demonstrated in detail.
The combination of restricted tokens, job objects, and desktop changes
needed to seriously isolate a process will be demonstrated, along with a
demonstration of why each layer is needed.