Coming to Firefox: Flash Player in a sandbox

Summary: Adobe says sandboxing technology has proven very effective in protecting users by increasing the cost and complexity of writing effective exploits.

Adobe's Flash Player plugin that ships with the Firefox browser will soon be fitted with a sandbox as part of the company's ongoing attempt to keep malicious hackers at bay.

Adobe has launched a public beta of a new Flash Player sandbox (aka "Protected Mode") for Mozilla's flagship browser and the company expects to have a final version of the anti-exploit roadblock later this year.

According to Peleus Uhley, a researcher in Adobe's secure software engineering team, the design of the Firefox Flash sandbox is similar to the Protected Mode mitigation fitted into Adobe Reader X.

Uhley explains:

Like the Adobe Reader X sandbox, Flash Player will establish a low integrity, highly restricted process that must communicate through a broker to limit its privileged activities. The sandboxed process is restricted with the same job limits and privilege restrictions as the Adobe Reader Protected Mode implementation. Adobe Flash Player Protected Mode for Firefox 4.0 or later will be supported on both Windows Vista and Windows 7.

Uhley said sandboxing technology has proven very effective in protecting users by increasing the cost and complexity of authoring effective exploits.

Ever since Adobe Reader X unveiled its sandbox in November 2010, Adobe says it has "not seen a single successful exploit in the wild" against the newest version of that software.

"We hope to see similar results with the Flash Player sandbox for Firefox once the final version is released later this year," Uhley said.

Separately, Adobe security chief Brad Arkin says the company is moving to silent auto security updates for Flash Player "soon."

Talkback

5 comments
  • Wait...

    Adobe's still investing in Flash???

    By all accounts...a little late re. "security investments". And a little confusing WRT the recent announcements of moving away from Flash and towards standard UI technologies.
    Techboy_z
  • Hope there will be a 64-bit version too

    and low resource consumption.
    RelaxWalk
    • Doubt it ....

      @RelaxWalk .... The fastest way to drain a battery on any laptop (or Android device) is using Flash.
      wackoae
  • RE: Coming to Firefox: Flash Player in a sandbox

    The problem with Flash being in a sandbox is Flash dumps so many cat turds that the box will quickly fill up and crash.
    gribittmep
    • You've obviously never heard of ...

      @gribittmep .. Sandboxie

      According to Uhley:

      " ... Like the Adobe Reader X sandbox, Flash Player will establish a low integrity, highly restricted process that must communicate through a broker to limit its privileged activities. The sandboxed process is restricted with the same job limits and privilege restrictions as the Adobe Reader Protected Mode implementation. Adobe Flash Player Protected Mode for Firefox 4.0 or later will be supported on both Windows Vista and Windows 7. "

      ...hmmmmm, sounds uncannily a lot, to me, like what Sandboxie has done for me for the last 4 years. Difference is, with Sandboxie I get to discard all contents after a sandboxed browsing session. Add to that, that I also get to run any app I so please in a sandbox ... you can't do that with a browser-specific sandbox. ;)

      But don't take my word for it. Try it .. you'll fly it! :D

      http://www.sandboxie.com/
      thx-1138_