Adobe and Apple Collaborate to Sandbox Flash in Safari for Mavericks
Adobe and Apple don’t have the warmest history, but the two companies have recently taken a big step forward together in the name of Internet security. Adobe confirmed Wednesday that a sandboxed Flash player is now available for Apple’s Safari Web browser as part of the recently released OS X Mavericks. While Flash is still not included in Safari or OS X by default, those who choose to install it manually can rest a little easier with the knowledge that any Flash-based malware or exploits aren’t likely to reach other areas of the system.
With this week’s release of Safari in OS X Mavericks, Flash Player will now be protected by an OS X App Sandbox…As you might expect, Flash Player’s capabilities to read and write files will be limited to only those locations it needs to function properly. The sandbox also limits Flash Player’s local connections to device resources and inter-process communication (IPC) channels. Finally, the sandbox limits Flash Player’s networking privileges to prevent unnecessary connection capabilities.
Adobe has previously worked with Microsoft, Google, and Mozilla to sandbox Flash in each company’s respective browser, and the latest collaboration with Apple helps Adobe cover its bases, protecting Flash on the vast majority of active browser platforms.
As a major online multimedia platform, Apple used to include Flash as part of OS X and Safari. Following a series of security concerns and a public battle over Flash’s negative effect on battery life, Apple decided to stop supplying Flash by default on Macs in late 2010. Since then, users have been able to install Flash manually, but Apple has proactively blocked the software on occasion as new security vulnerabilities were discovered. This week’s announcement that Flash will be sandboxed in Safari should greatly reduce the security vulnerabilities that concern Apple and its customers.