The web browser is one of the main access doors to the Internet. We cannot deny that it is one of the most basic and essential programs to navigate. However, the network is plagued with threats, and many seek to use this browser as a gateway to our PC. Therefore, to allow us to navigate in the safest way possible and not take risks, those responsible for the main web browsers have to take maximum care of their security. And one of the security measures that they include in order to protect us from threats is the “sandbox mode” .
What is sandbox mode?
When we run a program in normal mode, its processes have access to other resources on the computer, such as files, programs or other processes. This can make, for example, that through a security breach the browser has access to resources that it should not be able to access. Thus, through a security breach, the browser could run previously downloaded malware, open unwanted programs, and even change system settings. And this is precisely what sandbox mode prevents.
The sandbox is an isolated space within memory where a specific program, such as the browser, runs. Thanks to this, all the processes that are executed by the browser, or called from it, do so within that isolated space. In this way, if a security breach is found in the browser, or in whatever program, and it is exploited, only the content of said sandbox will be accessed. That is, it will not be possible to call other programs or processes, or access other files that are not in the sandbox.
Of course, we must bear in mind that this mode does not guarantee us 100% security . Some elements of them (such as plugins) are loaded outside the sandbox, for compatibility, and can be used to compromise our security. If we want to avoid it, what we must do is run the browser in a second safe environment, such as Windows Sandbox or Sandboxie.
Chrome, Firefox and Edge: with or without this mode?
Virtually all web browsers that we can find today have this security measure. And, in addition, it is activated by default . Therefore, unless we have made a specific change (for example, adding the “–no-sandbox” parameter in the Chrome or Edge shortcut) we will be browsing safely, protecting ourselves from malware and remote code execution. .
Deactivating this mode is deactivating an essential , and very important, security measure of the browser. And, although we do not believe it, it does not give us any advantage . The impact of this security measure on the performance of the PC is negligible, and, therefore, we will hardly notice a difference between having it activated or deactivated. We are not going to navigate faster or use less RAM. If we deactivate it, we will only take unnecessary risks, without any additional window.
We only have to deactivate this mode, to test, when we have serious problems with the browser. If some features don’t work well, hang or we can’t run it, we can try disabling it just to try to isolate the problem. If we are security researchers and we are dedicated to looking for vulnerabilities, we must also deactivate it to facilitate the work.