The sandbox: test run on the isolation ward ...

Everyone is familiar with the dubious attachments in e-mails, where you don't know whether they contain malicious code or not. The solution for checking a possible destructive effect is called a 'sandbox'. Just as generals used to play out the expected course of a battle in a sandbox, the impact is first analyzed in a quarantine area. Some well-known programs already have a (weaker) sandbox function as a plug-in, for example the 'Java Runtime Environment' (JRE).
Other programs take a much more restrictive approach: here the entire browser is executed in an isolation area, sealed off from all write access to the hard disk. Each of these accesses is redirected to a separate subdirectory, which - in the event of malware - can be easily deleted before malware has a chance to take root. The structure of a 'virtual machine' (VM) is even more comprehensive. Here, an entire computer is simulated on a software level, which is isolated from the real computer in every respect. Only this 'virtual prison' is then 'infected'. Attempts to make system changes, the creation of new network connections or the unmotivated opening of files, for example, are considered suspicious.