Inspired by @alexdavid, I became obsessed with sandboxing everything on my computer—constraining applications to the minimum number of privileges they need to perform their job, limiting their data access as much as possible, and preventing any kind of modifications to other apps or the overall system.
The most obvious reasons to do this are, of course, security and privacy. Limiting the surface area for each application will significantly reduce the likelihood of data leakage and data theft (something especially important as a software engineer, given how frequently we have to run untrusted code). No solution is going to be 100% effective, but sandboxing is a relatively easy, low-overhead way to build defense in depth.
This guide offers suggestions for sandboxing Mac and Windows applications and workflows to improve security, while balancing usability.
The most secure machines aren't even connected to the internet, and definitely don't run "apps" as we would know them. Consequently, to have a useful machine, we can't focus only on security—we need to make some accommodation for usability too.
I think of the solution space for sandboxing sort of like this:
[Diagram: the sandboxing solution space]
In written form, the options it covers are:
- Separate user accounts
- Virtual machines
- Web browser
- Containers
- Native app (no sandbox)
- App stores
Each of the solutions involves tradeoffs, and there isn't always a clear winner.
I've experimented with all of the above solutions, in varying combinations. In this guide, I'll share my preferences for how to use macOS and Windows while avoiding unnecessary risk.
These recommendations are just my opinion, and certainly not authoritative! I'm not responsible for any negative consequences you suffer if you apply my ideas here.
This guide is divided into three unordered sections:
- A non-exhaustive list of sandboxing solutions
- Examples of how to sandbox specific apps
- Examples of how to sandbox some general workflows and use cases
Hopefully it's useful.
This guide is primarily an attempt to evangelize sandboxing and share some of my personal recommendations/opinions on the matter; however, I would love any and all contributions:
- Correcting me on matters of fact
- Suggesting additional sandboxing solutions that I haven't thought of
- Suggesting how to sandbox applications or use cases that I haven't listed here
Just please keep in mind that this is not meant to be an authoritative reference—as such, I may decline changes that I personally disagree with (on matters of opinion).
All contents of this repository are released under the CC0 1.0 Universal license (effectively public domain).