Sandbox Architecture

It is important to understand the architecture of how sandbox solutions work before we can talk about restrictions and Proxies.
The word "sandbox" in computers is generally used to refer to a safe area where you can play, without damaging the outside hosting environment. The sandbox in SharePoint is implemented as a separate process where your sandbox solution code will run. In fact, there are three processes.


Sandbox Solution and Sandbox Proxy - Basics

Def:  A sandbox is a restricted execution environment that enables programs to access only certain resources, and that keeps problems that occur in the sandbox from affecting the rest of the server environment.

In SharePoint 2007, custom code requires the farm administrator to trust the code running on the server. In SharePoint 2010 we are introducing a new SharePoint custom code sandbox with isolation and resource limitations (memory, SQL, CPU) that allows administrators to let others safely add and consume custom solutions without impacting overall farm performance and stability.