US10467058B2 · US · B2
| Field | Value |
|---|---|
| Publication number | US-10467058-B2 |
| Application number | US-201113330682-A |
| Country | US |
| Kind code | B2 |
| Filing date | Dec 20, 2011 |
| Priority date | Dec 20, 2011 |
| Publication date | Nov 5, 2019 |
| Grant date | Nov 5, 2019 |
Official abstract text for this publication.
Systems and methods according to various embodiments disclose a worker process manager adapted to spawn one or more worker processes on a server and to load an application on each of the worker processes. The worker process manager is adapted to isolate the one or more worker processes from each other and to control resource usage by the worker processes. A resource manager is adapted to detect applications that overuse system resources. The worker process manager is adapted to isolate worker processes and to control resource usage using one or more of the following techniques: least-privilege execution, messaging isolation, credentials isolation, data isolation, network isolation, fair share resource usage, and managed runtime security. Heuristic algorithms are used to detect applications that frequently overuse system resources that are unchargeable and that cause system unresponsiveness.
Opening claim text (preview).
What is claimed is:

1. A server, comprising: a processor; and a memory coupled to the processor, the memory including program instructions stored thereon that, upon execution by the processor, cause the server to: spawn one or more worker processes, via a worker process manager, and to load an application on each of the worker processes, the worker process manager configured to isolate the one or more worker processes from each other and to control resource usage by the worker processes using each of the following techniques: least-privilege execution, user input messaging isolation, security credentials isolation, data isolation, network resource isolation, fair share resource usage, and managed runtime security; and detect, via a resource manager, applications that overuse system resources.
2. The server of claim 1, wherein the resource manager is configured to detect applications that overuse system resources using a heuristic algorithm that comprises identifying suspect applications that were running when a host server becomes unresponsive, assigning a point to each of the suspect applications, distributing the suspect applications to other host servers, and monitoring points accumulated by the suspect applications to identify a suspect application having a greatest number of points.
3. The server of claim 1, wherein the least-privilege execution technique spawns a worker process using a process token that has minimal system privileges and security group memberships.
4. The server of claim 1, wherein the messaging isolation technique isolates each worker process in its own Window station and desktop object.
5. The server of claim 1, wherein the credentials isolation technique uses access control lists to secure certificates and private keys for use only by authorized applications.
6. The server of claim 1, wherein the data isolation technique uses access control lists to limit each application to using only its own data folder.
7. The server of claim 1, wherein the network isolation technique reserves http and https endpoints for each application and using access control lists to limit each application to using only its own reserved endpoints.
8. The server of claim 1, wherein the fair share resource usage technique sends warning notifications to applications that exceeds a first resource usage level and terminates applications that exceed a second resource usage level.
9. The server of claim 1, wherein the fair share resource usage technique throttles CPU usage by adjusting each application's priority level depending upon the application's historical CPU usage.
10. The server of claim 1, wherein the fair share resource usage technique throttles network usage using a quality of service (QoS) policy to control each application's access to destination port ranges assigned to the application.
11. The server of claim 1, wherein the managed runtime security technique restricts application access to predetermined allowed API calls and runtime libraries.
12. A method, comprising: spawning one or more worker processes via a worker process manager; assigning an application to each of the one or more worker processes by the worker process manager; isolating each of the one or more worker processes from each other by the worker process manager using each of the following techniques: least-privilege execution, user input messaging isolation, security credentials isolation, data isolation, network resource isolation, fair share resource usage, and managed runtime security; and detecting applications that overuse system resources using a resource manager.
13. The method of claim 12, wherein detecting applications that overuse system resources further comprises: determining when a server becomes unresponsive; identifying all suspect applications running on the server when the server becomes unresponsive; assigning a point to each suspect application; redistributing the suspect applications to different servers; and identifying a suspect application with the highest point total.
14. A computer program product for sandboxing applications on a multi-tenant server, the computer program product including computer-readable storage media having stored thereon computer-executable instructions that, upon execution by one or more processors of the multi-tenant server, cause the multi-tenant server to: spawn one or more worker processes via a worker process manager; assign an application to each of the one or more worker processes by the worker process manager; isolate each of the one or more worker processes from each other by the worker process manager using one or more of the following techniques: least-privilege execution, user input messaging isolation, security credentials isolation, data isolation, network resource isolation, fair share resource usage, and managed runtime security; and detect applications that overuse system resources using a resource manager.
15. The computer program product of claim 14, wherein to detect applications that overuse system resources, the computer-executable instructions, upon execution by the one or more processors, further cause the multi-tenant server to: determine when a server becomes unresponsive; identify all suspect applications running on the server when the server becomes unresponsive; assign a point to each suspect application; redistribute the suspect applications to different servers; and identify a suspect application with the highest point total.
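
The point-accumulation heuristic of claims 2 and 13, sketched as an added example (not code from the patent or its assignee). The class and function names, the round-robin redistribution policy, the rule that a suspect is reported only when it leads outright, and the sample placement are all assumptions made for illustration.

```python
from collections import Counter
from itertools import cycle


class SuspectTracker:
    """Hypothetical tracker for the scoring steps in claims 2 and 13."""

    def __init__(self, placement):
        # placement: host name -> iterable of application names
        self.placement = {host: set(apps) for host, apps in placement.items()}
        self.points = Counter()

    def host_unresponsive(self, host):
        """Give each app on the failed host one point, then move them elsewhere."""
        suspects = sorted(self.placement[host])
        others = [h for h in sorted(self.placement) if h != host]
        if not others:
            raise RuntimeError("no other host available for redistribution")
        self.points.update(suspects)
        self.placement[host] = set()
        # Assumed policy: round-robin, so co-tenants are split up and innocent
        # apps stop collecting points alongside the real offender.
        for app, target in zip(suspects, cycle(others)):
            self.placement[target].add(app)
        return suspects

    def top_suspect(self):
        """Return (app, points) once a single app leads outright, else None."""
        ranked = self.points.most_common(2)
        if not ranked:
            return None
        if len(ranked) == 2 and ranked[0][1] == ranked[1][1]:
            return None  # tie: not enough evidence yet
        return ranked[0]


def simulate(placement, culprit, incidents):
    """Constructed scenario: whichever host runs `culprit` becomes unresponsive."""
    tracker = SuspectTracker(placement)
    for _ in range(incidents):
        failed = next(h for h, apps in tracker.placement.items() if culprit in apps)
        tracker.host_unresponsive(failed)
    return tracker


# Constructed sample placement; "app-c" plays the misbehaving tenant.
SAMPLE = {"host-1": ["app-a", "app-b", "app-c"],
          "host-2": ["app-d", "app-e"],
          "host-3": ["app-f"]}

if __name__ == "__main__":
    for n in (1, 2, 3):
        print(n, simulate(SAMPLE, "app-c", n).top_suspect())
```

In this constructed run the offender only separates from its co-tenants on the third incident, which shows why the claims pair the point assignment with redistribution: without moving the suspects apart, every app on the original host would keep scoring identically.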
for performance assessment · CPC title
by executing in a restricted environment, e.g. sandbox or secure virtual machine · CPC title
Monitoring involving counting · CPC title
Restricted operating environment · CPC title
Resource capping · CPC title