If you rushed to upgrade your Mac to OS X Mavericks, congratulations -- you've just taken a big step forward in web security. Adobe has confirmed that Flash Player is now sandboxed in Safari for Mavericks users, preventing Flash-based malware from accessing code and resources beyond Apple's browser. The company is taking special advantage of OS X's new app sandboxing feature, which also minimizes the security risks for other plugins and programs. Safari is undoubtedly late to the party when Flash has been sandboxed for a while in both Chrome and Firefox, but we won't knock an upgrade that neuters many potential security exploits.
For the technically minded, this means that there is a specific com.macromedia.Flash Player.plugin.sb file defining the security permissions for Flash Player when it runs within the sandboxed plugin process. As you might expect, Flash Player’s capabilities to read and write files will be limited to only those locations it needs to function properly. The sandbox also limits Flash Player’s local connections to device resources and inter-process communication (IPC) channels. Finally, the sandbox limits Flash Player’s networking privileges to prevent unnecessary connection capabilities.
Safari users on OS X Mavericks can view Flash Player content while benefiting from these added security protections.
No comments:
Post a Comment