Sandboxing is the process of sequestering away programs so that they runs in a specific and and controlled environment. This is done by controlling the programs area of allocated memory and limiting access to system resources. This process is effective at enclosing programs in the hopes of preventing system contamination. In practice by controlling program i/o and memory access the computer system at large can be fenced off from risky programs such as web browsers or untrusted programs.
In particular sandboxing a web browser can perform such functions as preventing browser exploits from reaching critical sections of the system, sequestering drive by downloads, and allowing risky programs to be downloaded, installed, and run in a safe isolated environment. Combining this with script blocking and a strong anti-virus should result in a system. that is all but impervious to to malicious websites.
Several companies offer sandboxing utilities such as Comodo and Sandboxie. Comodo bundles their sandboxing product as part of their greater personal firewall and hips package. Sandboxie is a purpose built cross browser sandboxing utility.
An example of the use of a browser sandbox can be found at: http://www.youtube.com/watch?v=2IbwhE-r8_k&feature=relmfu
http://www.sandboxie.com/ http://personalfirewall.comodo.com/free-download.html
