Abstract: It has been discovered that identifying files introduced into a system, particularly those originating from external sources, as being subject to security evaluation and deferring the security evaluation until access or attempted access of the file reduces security vulnerabilities of a system. A file introduced into a processing system is tagged with a security tag if the file is introduced via a supervised introduction point and/or introduced by a supervised program. Upon access or attempted access of the tagged file, security evaluation is initiated on the file.

Abstract: Techniques for handling a file associated with a program are described herein. According to an aspect of the invention, in response to a request for accessing a file received through a first program, the file is stored in a first sandboxed storage area, where the file is to be accessed by a second program. An atomic move operation is then performed on the file that atomically moves the file from the first sandboxed storage area to a second sandboxed storage area, where the first sandboxed storage area is not accessible to the first program and second program. The second program is launched to access the file stored in the second sandboxed storage area, where the second sandboxed storage area is a part of a sandbox associated with the second program.

Abstract: It has been discovered that identifying files introduced into a system, particularly those originating from external sources, as being subject to security evaluation and deferring the security evaluation until access or attempted access of the file reduces security vulnerabilities of a system. A file introduced into a processing system is tagged with a security tag if the file is introduced via a supervised introduction point and/or introduced by a supervised program. Upon access or attempted access of the tagged file, security evaluation is initiated on the file.