About Sandboxes
AdminStudio 2022 | 23.0 | ThinApp Assistant
A ThinApp application runs in a sandbox, a virtual operating system—consisting of a virtual file system and a virtual registry—which is embedded with each ThinApp application. Running an application in a sandbox protects the local operating system from installation modifications that could affect stability or security. In a sandbox, system resources (such as files and registry keys) are redirected from the physical operating system files to the sandbox.
Many applications fail to run if the user does not have administrative rights because they expect to be able to write to global locations like HKEY_LOCAL_MACHINE and C:\Program Files. Using sandbox technology makes applications believe they have the ability to make global changes when they are actually writing to user and application-specific locations, and allows applications that require administrative rights to run without additional privileges. This feature allows ThinApp applications to run in security-restricted environments such as Windows Vista and Terminal Server.
When you run a ThinApp application, additional files or registry keys may be produced. Depending upon the isolation options, some of this run time data will need to be stored locally in a sandbox cache, a local per-user directory.
When the ThinApp application is built, the local Sandbox cache is created in the following location, using the Sandbox Name that was entered on the General Settings page.
c:\Documents & Settings\USER_NAME\Application Data\ThinApp\SANDBOX_NAME
If the user's Application Data directory is stored on a network share, the ThinApp application’s settings will automatically migrate when the same user logs in on another machine. You can also choose to create the sandbox cache in an external storage device such as a USB flash drive.