nettlesersandboxing

Nettlesersandboxing is a set of techniques for isolating and constraining the execution of web content within a browser in order to limit the impact of security breaches or malicious code. Its central aim is to prevent a compromised webpage from accessing sensitive data, executing arbitrary code, or interfering with other tabs or the underlying system.

It achieves this through multiple layers of separation, including out-of-process rendering where different tabs or sites

On the operating system level, sandboxing uses features such as seccomp-bpf, AppArmor, or SELinux on Linux; Job

Benefits include reduction of the attack surface, containment of exploit chains, and improved resilience against drive-by

Major browsers have incorporated many forms of nettlesersandboxing, including site isolation and sandboxed renderers, with continuous