{{Short description|Concept in software design}}
'''Process isolation''' is a set of different hardware and software technologies<ref>{{cite conference |title=Deconstructing Process Isolation |conference=ACM SIGPLAN Workshop on Memory Systems Performance and Correctness |last1=Aiken |first1=Mark |last2=Fähndrich |first2=Manuel |last3=Hawblitzel |first3=Chris |last4=Hunt |first4=Galen |last5=Larus |first5=James R. |date=October 2006 |url=https://cs.uwaterloo.ca/~brecht/courses/702/Possible-Readings/oses/singularity-deconstructing-process-isolation-mem-system-perf-2006.pdf |doi=10.1145/1178597.1178599}}</ref> designed to protect each process from other processes on the operating system. It does so by preventing process A from writing to process B. Security is easier to enforce by disallowing inter-process memory access, in contrast with architectures in which any process can write to any memory in any other process.<ref>All in one CISSP Exam Guide, 3rd Edition, Shon Harris</ref>

Process isolation can be implemented by giving each process its own virtual address space, where process A's address space is different from process B's address space – preventing A from writing onto B.

== Limited inter-process communication ==
In a system with process isolation, limited (controlled) interaction between processes may still be allowed over inter-process communication (IPC) channels such as shared memory, local sockets or Internet sockets. In this scheme, all of a process's memory is isolated from other processes except where the process allows input from collaborating processes.
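The two behaviours described above, separate address spaces and an explicitly shared region, can be observed together on a POSIX system. The following C program is an added illustration and is not taken from the cited sources; the names <code>run_isolation_demo</code> and <code>struct observed</code> are made up for it, and it assumes <code>fork()</code> and anonymous shared mappings are available.

```c
#define _DEFAULT_SOURCE
#include <stdio.h>
#include <sys/mman.h>
#include <sys/wait.h>
#include <unistd.h>

/* What the parent (process A) sees after the child (process B) has written. */
struct observed {
    int private_value; /* ordinary variable: one copy per address space */
    int shared_value;  /* word in a region both processes opted to share */
};

/* Returns 0 on success, -1 if mmap, fork or waitpid failed. */
int run_isolation_demo(struct observed *out)
{
    volatile int private_value = 1; /* volatile: keep the child's store real */
    /* Explicit opt-in: an anonymous MAP_SHARED mapping stays common to
     * parent and child after fork(); everything else is copied. */
    int *shared = mmap(NULL, sizeof *shared, PROT_READ | PROT_WRITE,
                       MAP_SHARED | MAP_ANONYMOUS, -1, 0);
    if (shared == MAP_FAILED)
        return -1;
    *shared = 1;

    pid_t pid = fork();
    if (pid == 0) {
        /* Child: same virtual addresses, separate address space. */
        private_value = 42; /* changes only the child's private copy */
        *shared = 42;       /* changes the page both processes map */
        _exit(0);
    }
    int status = 0, rc = -1;
    if (pid > 0 && waitpid(pid, &status, 0) == pid &&
        WIFEXITED(status) && WEXITSTATUS(status) == 0) {
        out->private_value = private_value; /* still 1 in the parent */
        out->shared_value = *shared;        /* 42, written by the child */
        rc = 0;
    }
    munmap(shared, sizeof *shared);
    return rc;
}

int main(void)
{
    struct observed o;
    if (run_isolation_demo(&o) != 0) { perror("run_isolation_demo"); return 1; }
    printf("parent sees private=%d shared=%d\n", o.private_value, o.shared_value);
    return 0;
}
```

The child's write to the ordinary variable never reaches the parent, while its write to the shared mapping does, because that page is the only memory the two processes agreed to have in common.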

System policies may disallow IPC in some circumstances. For example, in mandatory access control systems, subjects with different sensitivity levels may not be allowed to communicate with each other. The security implications in these circumstances are broad and span applications in network key encryption systematics as well as distributed caching algorithms. Interface-defined protocols such as basic cloud access architecture and network sharing are similarly affected.<ref>{{cite conference |last1=Pahl |first1=Claus |last2=Lee |first2=Brian |title=Containers and clusters for edge cloud architectures--a technology review |conference=3rd International Conference on Future Internet of Things and Cloud |date=2015 |url=https://doras.dcu.ie/20641/1/FICloud15-EdgeCloudContainer.pdf |doi=10.1109/FiCloud.2015.35}}</ref>

==Operating systems==
Operating systems that support process isolation by providing separate address spaces for each process include:
* Unix-like systems such as Linux, the BSDs, macOS, Solaris, and AIX
* VMS
* Windows NT

==Applications==
{{Expand section|needs more examples of applications other than web browsers using process isolation|date=November 2025}}
On a system that supports process isolation, an application can use multiple processes to isolate components of the application from one another.

===Web browsers===
{{see also|List of web browsers}}
Internet Explorer 4 used process isolation in order to allow separate windowed instances of the browser their own processes; however, at the height of the browser wars, this was dropped in subsequent versions to compete with Netscape Navigator (which sought to concentrate upon one process for the entire Internet suite).{{citation needed|reason=No mention of process isolation in the articles for IE4 and its subsequent versions, and need a source as well for Microsoft dropping this in response to Netscape|date=December 2025}} This idea of process-per-instance would not be revisited until a decade afterwards, when tabbed browsing became more commonplace.

In Google Chrome's "Multi-Process Architecture"<ref>{{cite web |url=https://blog.chromium.org/2008/09/multi-process-architecture.html |title=Multi-process Architecture |website=Chromium Blog |date=September 11, 2008}}</ref> and Internet Explorer 8's "Loosely Coupled IE (LCIE)",<ref>{{cite web |url=http://blogs.msdn.com/ie/archive/2008/03/11/ie8-and-loosely-coupled-ie-lcie.aspx |title=IE8 and Loosely-Coupled IE (LCIE) |author=Andy Zeigler |date=March 11, 2008 |archive-url=https://web.archive.org/web/20100313083900/http://blogs.msdn.com/ie/archive/2008/03/11/ie8-and-loosely-coupled-ie-lcie.aspx |archive-date=March 13, 2010 |url-status=dead}}</ref> tabs containing webpages are contained within their own processes, which are isolated from the core process of the browser so as to prevent the crash of one tab/page from crashing the entire browser. This method (known popularly as '''multiprocess''' or '''process-per-tab''') is meant both to manage memory and processing, by allowing offending tabs to crash separately from the browser and other tabs, and to manage security.

In Firefox, the execution of NPAPI plug-ins like Flash and Silverlight became isolated in separate processes for each plug-in,<ref name="Lorentz">{{cite web |date=January 13, 2010 |title=Firefox 3.6 due this month; next comes 'Lorentz' |url=http://news.cnet.com/8301-30685_3-10433844-264.html |url-status=dead |archive-url=https://web.archive.org/web/20110426041949/http://news.cnet.com/8301-30685_3-10433844-264.html |archive-date=April 26, 2011 |access-date=December 29, 2025 |publisher=CNET}}</ref> starting in version 3.6.4.<ref>{{Cite web |title=Chrome gets updated, Firefox 'Lorentz' enters beta |url=http://download.cnet.com/8301-2007_4-20002988-12.html |url-status=dead |archive-url=https://web.archive.org/web/20121004080641/http://download.cnet.com/8301-2007_4-20002988-12.html |archive-date=October 4, 2012 |access-date=April 21, 2010}}</ref> The foundation of this process isolation eventually became a project called Electrolysis, or e10s for short, which extended process isolation to web content, browser chrome, and add-ons. This was enabled by default for all users starting in version 57, with the side effect that add-ons had to be rewritten as the more limited Web Extensions.<ref>{{Cite web |title=Electrolysis |url=https://wiki.mozilla.org/Electrolysis |url-status=live |access-date=December 29, 2025 |website=MozillaWiki}}</ref> e10s was later extended into per-origin process isolation (also known as "site isolation") with Project Fission, which was shipped in version 95.<ref>{{Cite web |title=Project Fission |url=https://wiki.mozilla.org/Project_Fission |url-status=live |access-date=December 29, 2025 |website=MozillaWiki}}</ref>

==== Browsers with process isolation ====
* Google Chrome
* Internet Explorer 8 and later
* Safari
* Mozilla Firefox (plug-ins since 3.6.4, default for web content and everything else since 57)
* Maxthon
* Pale Moon (only for plug-ins since 3.6.4)

==== Criticism ====
Pale Moon is a notable web browser that has intentionally not isolated browser chrome, web content, add-ons, and other non-plugin components to their own processes. It claims that a multi-process browser will run into issues such as the asynchronous nature of inter-process communication conflicting with web standards that require a synchronous state (e.g. setting cookies), increased sluggishness in UI interaction due to messages having to be passed back-and-forth between the main chrome process and web content, increased resource usage due to the parsing, layout and rendering engines of the browser being duplicated across processes, and having no control over the IPC's security (which will necessarily replace the strict sandboxing between application code and document content found in the usual single-process browser or document viewer) handled by the operating system.<ref>{{Cite web |title=Multi-process, or: the drawbacks nobody ever talks about. |url=https://forum.palemoon.org/viewtopic.php?t=17442 |url-status=live |access-date=December 29, 2025 |website=Pale Moon forum}}</ref>

==Programming languages==

The Erlang programming language provides a similar concept in user space by implementing strictly separated lightweight processes.

==Related technologies==
* Virtual memory allows for memory space isolation by giving each process its own virtual address space.
* Polyinstantiation allows mirrors of shared resources, where changes by process A will not be visible to process B.

==See also==
* Sandbox (computer security)
* NX bit

== References ==
{{Reflist|2}}

Category:Operating system security