With modern computing devices, protecting sensitive data is of the utmost importance. To protect a user's sensitive data, an application can be executed in a sandboxed environment in which the application is granted access to only a specified portion of the file system. Further, other applications are restricted access to the specified portion of the file system. Thus, a user can be confident than an untrusted application cannot access and gather any sensitive data meant to be accessed by only the trusted application.
While running applications in a sandboxed environment provides additional security, there are also some limitations. For example, data cannot be shared across multiple applications, which in some instances could increase efficiency and performance. Further, while restricting an application to a single specified portion of the file system provides security from other applications, the sensitive data can still be accessible by an alternate user of the client device. Accordingly, there exists a need for an improved system.