Fundamental Concepts

Multi-Sandboxing is based on the the Kernel & Features Specification (KF).

It allows an application code to be split between multiples parts:

  • the main application, called the Kernel,

  • zero or more applications called Features.

Therefore, a Kernel Application relates to the Kernel concept and a Sandboxed Application relates to the Feature concept.

Some fundamental points:

  • The Kernel is mandatory. It is assumed to be reliable, trusted and cannot be modified.

  • A Feature is an application “extension” managed by the Kernel.

  • A Feature is fully controlled by the Kernel: it can be installed, started, stopped and uninstalled at any time independent of the system state (particularly, a Feature never depends on another Feature to be stopped).

  • A Feature is optional, potentially not-trusted, maybe unreliable and can be executed without jeopardizing the safety of the Kernel execution and other Features.

  • Resources accesses (RAM, hardware peripherals, CPU time, …) are under control of the Kernel.

Note

You can go further by reading the Kernel & Features Specification.