Drawbridge -- WinAPI/NT API sandbox in Windows

[Saulius Krasuckas]

Hello,

I just have heard about MS project called Drawbridge. [*]

They use NT kernel (ntoskrnl + win32k) implementation in user-mode (NTUM) 
to load native DLLs and services from different versions of Windows, IIUC.

Set of downcalls from NTUM (to native kernel) is reduced to 45 items.

This way a process-based isolation is achieved.  Some sort of 
sandbox/container.  It sounds like Wine on Windows.  Just FYI.

S.

[*] http://research.microsoft.com/en-us/projects/drawbridge/