This is a useful and important topic, but there are some details in the writeup that are misleadingly explained and may reduce the trust in the overall explanation.
A lot of passwords are all-or-nothing. You either have full access to a service or no access to it.
It’s really necessary to split authentication (authz) from authorization (authn). Passwords are authentication—they show the identity of the user. There are separate systems for what that identity is allowed to do. It’s not the password that’s all-or-nothing.
A security sandbox, such as one in a Docker container or a browser tab, can prevent an external service from accessing data inside it.
Almost exactly the opposite. The sandbox prevents things INSIDE from accessing data (except in very controlled ways) outside of it. Sandboxes make it harder for an attacker to escape and hit other systems, not harder for an attacker who’s got access to the host to get into the sandbox. In truth, there’s a bit of both, as it makes it easier to secure the host when all “user work” happens in a sandbox.
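A minimal illustration of the authentication/authorization split the comment describes, added here as an example; it is not code from the comment or from the writeup it replies to. The usernames, passwords, and permission policy are constructed for the demo, and the functions `authenticate`, `authorize` and `perform` are hypothetical names chosen for this example. The point it shows: the password check only establishes who the caller is, and a separate policy decides what that identity may do, so two correctly authenticated users can get different answers for the same action.

```python
import hashlib
import hmac
import os


def _hash_password(password: str, salt: bytes) -> bytes:
    """Salted PBKDF2-HMAC-SHA256; the iteration count is a demo value."""
    return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, 200_000)


def make_user_record(username: str, password: str) -> dict:
    """Build a credential record with a fresh random salt (constructed demo data)."""
    salt = os.urandom(16)
    return {"username": username, "salt": salt, "hash": _hash_password(password, salt)}


# Credential store: answers only "is this really alice/bob?" (constructed demo users).
USERS = {
    "alice": make_user_record("alice", "correct horse battery staple"),
    "bob": make_user_record("bob", "hunter2"),
}

# Authorization policy, kept entirely separate from the credential store:
# the same verified identity maps to the set of actions it is permitted.
POLICY = {
    "alice": {"read:report", "write:report"},
    "bob": {"read:report"},
}

# Dummy salt so unknown usernames still cost a hash computation (timing parity).
_DUMMY_SALT = b"\x00" * 16


def authenticate(username: str, password: str):
    """Authentication: return the verified identity, or None if the credentials fail."""
    record = USERS.get(username)
    if record is None:
        _hash_password(password, _DUMMY_SALT)
        return None
    candidate = _hash_password(password, record["salt"])
    if hmac.compare_digest(candidate, record["hash"]):
        return record["username"]
    return None


def authorize(identity, action: str) -> bool:
    """Authorization: may this (already verified) identity perform the action?"""
    if identity is None:
        return False
    return action in POLICY.get(identity, set())


def perform(username: str, password: str, action: str) -> str:
    """Run both checks in order; each can deny independently of the other."""
    identity = authenticate(username, password)
    if identity is None:
        return "denied: authentication failed"
    if not authorize(identity, action):
        return f"denied: {identity} is not permitted to {action}"
    return f"ok: {identity} performed {action}"


if __name__ == "__main__":
    # Same valid password for bob, different outcomes depending on the policy.
    print(perform("bob", "hunter2", "read:report"))
    print(perform("bob", "hunter2", "write:report"))
    print(perform("alice", "correct horse battery staple", "write:report"))
    print(perform("alice", "wrong password", "read:report"))
```

Because `authorize` never looks at the password and `authenticate` never looks at the policy, either side can be replaced (single sign-on, hardware tokens, role changes) without touching the other, which is the practical reason for keeping the two questions apart.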