• Adobe: Flash Player is Sandboxed in Safari On OS X Mavericks

    Adobe has announced that its widely-used Adobe Flash Player software has been given some additional security in Apple’s latest operating system for the company's Mac lineup, OS X Mavericks. Apple launched the new operating system on Tuesday, just after the company's special media event, where they unveiled new Mac machines, new iPad models, and new software.

    The additional security for Adobe Flash Player in OS X Mavericks is built into the latest version of Safari, the operating system’s native and default Web browser. Adobe notes that Adobe Flash Player is now sandboxed in Safari, meaning that it only gets the permissions that it absolutely needs, and nothing else more:

    Over the last few years, Adobe has protected our Flash Player customers through a technique known as sandboxing. Thus far, we have worked with Google, Microsoft and Mozilla on deploying sandboxes for their respective browsers. Most recently, we have worked with Apple to protect Safari users on OS X. With this week’s release of Safari in OS X Mavericks, Flash Player will now be protected by an OS X App Sandbox.

    For the technically minded, this means that there is a specific com.macromedia.Flash Player.plugin.sb file defining the security permissions for Flash Player when it runs within the sandboxed plugin process. As you might expect, Flash Player’s capabilities to read and write files will be limited to only those locations it needs to function properly. The sandbox also limits Flash Player’s local connections to device resources and inter-process communication (IPC) channels. Finally, the sandbox limits Flash Player’s networking privileges to prevent unnecessary connection capabilities.
    Adobe also notes that the sandboxing has been implemented in the past in other systems through the cooperation of companies like Google, Microsoft, and Mozilla; this is the first time that the company has worked with Apple directly to implement this kind of security in Apple's systems.

    If you haven’t upgraded to OS X Mavericks already, we would recommend doing so. Not only is the update free, and bring with it a number of new features that can be found useful, but the additional security offers a lot of benefits. OS X is known for being targeted by fake Adobe Flash Player installation pop-ups that can be used to install malware after the user enters their password.

    Sources: Adobe
    This article was originally published in forum thread: Adobe: Flash Player is Sandboxed in Safari On OS X Mavericks started by Anthony Bouchard View original post
    Comments 1 Comment
    1. Jahooba's Avatar
      Jahooba -
      Why aren't more programs sandboxed, I've wondered. And why can't an OS automatically sandbox any/ every program?
  • Connect With Us

  • Twitter Box

  • Facebook