Sandbox Internals

Deprecation of the technologies described here has been announced for platforms other than ChromeOS. Please visit our migration guide for details.

The sandbox internals documentation describes implementation details for Native Client sandboxing, which is also used by Portable Native Client. These details can be useful to reimplement a sandbox, or to write assembly code that follows sandboxing rules for Native Client (Portable Native Client does not allow platform-specific assembly code).

As an implementation detail, the Native Client sandboxes described here are currently used by Portable Native Client to execute code on the corresponding machines in a safe manner. The portable bitcode contained in a pexe is translated to a machine-specific nexe before execution. This may change at a point in time: Portable Native Client doesn’t necessarily need these sandboxes to execute code on these machines. Note that the Portable Native Client compiler itself is also untrusted: it too runs in a Native Client sandbox described below.

Native Client has sandboxes for:

We serve cookies on this site to analyze traffic, remember your preferences, and optimize your experience.