Back to posts
post

Local Sandboxing Trade-offs

When process-level isolation is enough, when a VM earns its friction, and how to decide between them.

Radar chart comparing process-level sandboxing and VM sandboxing across isolation, speed, and interoperability

More protection usually means more friction. So when do you actually need more than process-level sandboxing?

I’ve been working extensively with local sandboxes, and the experience has sharpened how I think about isolation and its trade-offs. I wanted to share what I’ve learned.

When we run things locally on our “host”, we want to protect resources such as:

Roughly speaking, sandboxing lets us run software we don’t necessarily trust while minimizing its ability to access or change the resources we want to protect.

Local sandboxing falls into two main camps:

This is one of those cases where you can’t simply choose the option with the most protection. Stronger isolation usually comes with more friction, so we have to be strategic about when it is worth making our workflow less convenient.

PL and VM sit at opposite ends of these axes:

(Another interesting axis to think about: are you protecting the host, or are you protecting the workload?)

The takeaway here is simple: Process-level sandboxing is designed to let you get things done. VM sandboxing needs to justify its additional friction.

Software has two basic needs:

We don’t usually care what a piece of software needs just to run, as long as we can provide it. We are looking for functionality, such as an app that can read scanned receipts, and we are happy to let it access the folder where we keep those receipts. It is straightforward to express this as a policy that the sandbox enforces.

VM sandboxing is justified when software needs broad access simply to run. Chromium is a case in point. It is easier to list what it doesn’t need access to. Wrapping it in a restrictive policy means poking so many holes that the policy stops protecting much.

This is where VMs become useful. Chromium gets its own private OS with much less need for restrictive policies. All that remains is to explicitly give this “private OS” access to specific resources, such as the files we want it to interact with. Chromium can then function as intended while the VM protects what we care about.