Windows 沙盒Windows Sandbox

Windows 沙盒提供了轻型桌面环境,可安全地独立运行应用程序。Windows Sandbox provides a lightweight desktop environment to safely run applications in isolation. Windows 沙盒环境中安装的软件保持"沙盒"状态,并独立于主机运行。Software installed inside the Windows Sandbox environment remains "sandboxed" and runs separately from the host machine.

沙盒是临时的。A sandbox is temporary. 关闭后,将删除所有软件和文件以及状态。When it's closed, all the software and files and the state are deleted. 每次打开应用程序时,都会获得沙盒的全新的实例。You get a brand-new instance of the sandbox every time you open the application.

安装在主机上的软件和应用程序不会直接在沙盒中提供。Software and applications installed on the host aren't directly available in the sandbox. 如果需要 Windows 沙盒环境中可用的特定应用程序,则必须在环境中显式安装它们。If you need specific applications available inside the Windows Sandbox environment, they must be explicitly installed within the environment.

Windows 沙盒具有以下属性:Windows Sandbox has the following properties:

  • Windows 的一部分:此功能所需的一切内容都包含在 Windows 10 专业版和企业版中。Part of Windows: Everything required for this feature is included in Windows 10 Pro and Enterprise. 无需下载 VHD。There's no need to download a VHD.
  • 访问: 每次运行 Windows 沙盒时,它都像全新安装的 Windows 一样干净。Pristine: Every time Windows Sandbox runs, it's as clean as a brand-new installation of Windows.
  • 释放:设备上不会保留任何内容。Disposable: Nothing persists on the device. 当用户关闭应用程序时,将放弃所有内容。Everything is discarded when the user closes the application.
  • 安全:使用基于硬件的虚拟化进行内核隔离。Secure: Uses hardware-based virtualization for kernel isolation. 它依赖于 Microsoft 虚拟机监控程序运行单独的内核,该内核将 Windows 沙盒与主机隔离。It relies on the Microsoft hypervisor to run a separate kernel that isolates Windows Sandbox from the host.
  • 高效: 使用集成的内核计划程序、智能内存管理和虚拟 GPU。Efficient: Uses the integrated kernel scheduler, smart memory management, and virtual GPU.

以下视频概述了 Windows 沙盒。The following video provides an overview of Windows Sandbox.

必备条件Prerequisites

  • Windows 沙盒上的 Windows 10 专业版、企业版或教育版版本 18305 或 (当前在家庭 SKUs 上不受) Windows 10 Pro, Enterprise or Education build 18305 or later (Windows Sandbox is currently not supported on Home SKUs)
  • AMD64 体系结构AMD64 architecture
  • BIOS 中启用的虚拟化功能Virtualization capabilities enabled in BIOS
  • 建议至少 4 GB 的 RAM (8 GB) At least 4 GB of RAM (8 GB recommended)
  • 建议使用 SSD 时至少 (1 GB) At least 1 GB of free disk space (SSD recommended)
  • 四个内核中 (两个 CPU 内核,推荐使用超线程) At least two CPU cores (four cores with hyperthreading recommended)

安装Installation

  1. 确保你的计算机使用的是 Windows 10 专业版或企业版版本 18305 或更高版本。Ensure that your machine is using Windows 10 Pro or Enterprise, build version 18305 or later.

  2. 在计算机中启用虚拟化。Enable virtualization on the machine.

    • 如果使用的是物理计算机,请确保 BIOS 中启用了虚拟化功能。If you're using a physical machine, make sure virtualization capabilities are enabled in the BIOS.
    • 如果使用的是虚拟机,请运行以下 PowerShell 命令以启用嵌套虚拟化:If you're using a virtual machine, run the following PowerShell command to enable nested virtualization:
      Set-VMProcessor -VMName <VMName> -ExposeVirtualizationExtensions $trueSet-VMProcessor -VMName <VMName> -ExposeVirtualizationExtensions $true
  3. 使用任务栏上的搜索栏并键入"打开和 关闭 Windows 功能"以访问 Windows 可选功能工具。Use the search bar on the task bar and type Turn Windows Features on and off to access the Windows Optional Features tool. 选择 Windows 沙 盒,然后 确定Select Windows Sandbox and then OK. 如果系统提示,请重新启动计算机。Restart the computer if you're prompted.

    • 如果 Windows 沙 盒选项不可用,您的计算机不符合运行 Windows 沙盒的要求。If the Windows Sandbox option is unavailable, your computer doesn't meet the requirements to run Windows Sandbox. 如果您认为这不正确,请查看先决条件列表以及步骤 1 和步骤 2。If you think this is incorrect, review the prerequisite list as well as steps 1 and 2.
  4. 在"开始 " 菜单上找到并选择 Windows 沙盒,以首次运行它。Locate and select Windows Sandbox on the Start menu to run it for the first time.

用途Usage

  1. 复制可执行 (文件以及从主机运行应用程序所需的任何其他) 文件,并将其粘贴到 Windows 沙 盒窗口中。Copy an executable file (and any other files needed to run the application) from the host and paste them into the Windows Sandbox window.
  2. 在沙盒内运行可执行文件或安装程序。Run the executable file or installer inside the sandbox.
  3. 完成实验后,关闭沙盒。When you're finished experimenting, close the sandbox. 对话框将指出将放弃并永久删除所有沙盒内容。A dialog box will state that all sandbox content will be discarded and permanently deleted. 选择 "确定"。Select ok.
  4. 确认主机未显示你在 Windows 沙盒中所做的任何修改。Confirm that your host machine doesn't exhibit any of the modifications that you made in Windows Sandbox.