Adobe Flash Player now sandboxed on OS X Safari

Summary: When run on OS X 10.9 Mavericks, Adobe Flash Player will run in a sandbox, with limited capacity for mischief if compromised.

TOPICS: Security

Having released protected versions of Flash Player for Google Chrome, Microsoft Internet Explorer and Mozilla Firefox, Adobe has announced that Flash Player will be sandboxed on Apple Safari when run on OS X 10.9 Mavericks.

Specifically, Adobe has created a sandbox profile for the Flash plugin and included it in the WebKit project. WebKit is the browser engine used in Safari.

The sandbox profile tells Safari/WebKit to limit the plugin's ability to read or write files to only the specified items. The goal of a sandbox such as this is to limit the damage that an attacker can do if he takes control of Flash through a vulnerability. The sandbox should prevent attackers from attacking other programs or creating a persistent infection.
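
To illustrate the kind of file rules such a profile contains, here is an added example in the Scheme-based profile language of the OS X sandbox. It is not Adobe's or WebKit's actual profile; every path and the plugin name are constructed placeholders, and only file access rules are shown.

```scheme
(version 1)

; Start from nothing: any operation not explicitly allowed below is refused.
(deny default)

; Read-only access to the system libraries and frameworks a plugin loads.
(allow file-read*
    (subpath "/System/Library")
    (subpath "/usr/lib"))

; Read-only access to the plugin's own bundle (placeholder path).
(allow file-read*
    (subpath "/Library/Internet Plug-Ins/ExamplePlugin.plugin"))

; Read-write access confined to a single per-plugin data directory
; (placeholder path). Everything else in the user's home stays unreadable
; and unwritable because of the default deny.
(allow file-read* file-write*
    (subpath "/Users/example/Library/Application Support/ExamplePlugin"))

; Redundant with (deny default), but it documents intent: a compromised
; plugin must not be able to write to a per-user launch location and
; survive a restart (placeholder path).
(deny file-write*
    (subpath "/Users/example/Library/LaunchAgents"))
```

When reviewing a real profile, the points to check are the same: that the default is deny, and that each write rule names a narrow directory rather than a whole home folder.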

Adobe has also sandboxed the major versions of its Reader and Acrobat programs. These programs used to be leading targets for malicious attacks on the web, but years of security work on them have induced attackers to look elsewhere.



1 comment
  • Pretty disingenuous

    ALL plug-ins are required to be sandboxed in the new Safari, else a very scary pop-up will appear warning the user that the application can do more harm.