Sandboxie is an operating system-level virtualization tool designed to run Windows applications in isolated, secure environments. By intercepting system calls and redirecting file system and registry modifications to a separate, discardable storage area, it prevents untrusted software from making permanent changes to the host system. This containment ensures that browser history, temporary files, and potential malware remain trapped within the sandbox, protecting the integrity and privacy of the underlying host.
The software distinguishes itself through granular control over the isolation environment, including the ability to emulate administrative privileges for compatibility without granting actual elevated rights. It supports complex security policies such as per-sandbox network filtering, proxy redirection, and DNS control, alongside the ability to define specific breakout rules for documents or applications. Users can manage these environments through snapshots, encrypted storage, and volatile memory mapping, which allows for high-speed performance and automatic data clearing upon process termination.
Beyond core isolation, the platform provides comprehensive lifecycle management for virtualized workspaces, including automated deployment for removable drives and programmatic configuration via a command-line interface. It enforces strict resource usage limits and access rules to maintain system stability while offering tools for data recovery and state management. The software is distributed as a utility for Windows environments, providing a centralized interface for monitoring and maintaining these isolated execution containers.
