Maysara Alhindi and Joseph Hallett, University of Bristol
Sandboxing restricts what applications do, and prevents exploited processes being abused; yet relatively few applications get sandboxed: why? We report a usability trial with 7 experienced Seccomp developers exploring how they approached sandboxing an application and the difficulties they faced. The developers each approached sandboxing the application differently and each came to different solutions. We highlight many challenges of using Seccomp, the sandboxing designs by the participants, and what developers think would make it easier for them to sandbox applications effectively.
Open Access Media
USENIX is committed to Open Access to the research presented at our events. Papers and proceedings are freely available to everyone once the event begins. Any video, audio, and/or slides that are posted after the event are also free and open to everyone. Support USENIX and our commitment to Open Access.
author = {Maysara Alhindi and Joseph Hallett},
title = {Playing in the Sandbox: A Study on the Usability of Seccomp},
booktitle = {Twenty-First Symposium on Usable Privacy and Security (SOUPS 2025)},
year = {2025},
isbn = {978-1-939133-51-9},
address = {Seattle, WA},
pages = {225--240},
url = {https://www.usenix.org/conference/soups2025/presentation/alhindi},
publisher = {USENIX Association},
month = aug
}
