Linked by Thom Holwerda on Thu 9th Aug 2018 21:23 UTC
Windows

A recent Windows 10 Insider Feedback Hub quest revealed that Microsoft is developing a new throwaway sandboxed desktop feature called "InPrivate Desktop". This feature will allow administrators to run untrusted executables in a secure sandbox without fear that it can make any changes to the operating system or system's files.

"InPrivate Desktop (Preview) provides admins a way to launch a throwaway sandbox for secure, one-time execution of untrusted software," the Feedback Hub questions explains. "This is basically an in-box, speedy VM that is recycled when you close the app!"

This is the obvious way in which Microsoft could isolate any legacy Win32 applications in future non-Win32 versions of Windows.

Order by: Score:
So... Docker?
by bartgrantham on Fri 10th Aug 2018 01:10 UTC
bartgrantham
Member since:
2011-12-31

Funny timing, too. LXC, which Docker is built on top of, had its first release on August 6, 2008, according to Wikipedia. Just over 10 years ago.

Edited 2018-08-10 01:10 UTC

Reply Score: 0

moondevil
Member since:
2005-07-08

This is just another step in the transition to merge UWP and Win32 worlds, as shown at some BUILD 2018 sessions.

On the upcoming Windows 10, Win32 apps delivered with the new MSIX package format get sandboxed just like UWP ones are.

https://blogs.msdn.microsoft.com/sgern/2018/06/18/a-closer-look-at-m...

Edited 2018-08-10 07:30 UTC

Reply Score: 3

BlueofRainbow Member since:
2009-01-06

This seems to apply only to MSIX packaged Win32 applications.

How about the legacy Win32 applications one may already have and not repackaged because the vendor no longer commercially exists?

Reply Score: 2

Been waiting a long time!
by slashdev on Fri 10th Aug 2018 13:42 UTC
slashdev
Member since:
2006-05-14

i've been waiting a long time (decades) for MS's equivalent of BSD's Jails. It made no sense that applications couldnt be run easily in some kind of isolation for easy resource management and monitoring, as well as security.

This seems like a step in the right direction for those who dont want to be running Vagrant/Virtualbox/Hyper-V just to isolate some applications.

Reply Score: 1