Slashdot Mirror

← Back to Stories (view on slashdot.org)

Chrome Throws Flash Into the Sandbox

Posted by CmdrTaco on from the with-a-pail-and-shovel dept.

wiredmikey writes "Google announced today that it will be extending Chrome's sandboxing technology to include the Flash Player plug-in. 'Sandboxing' technology is a method of isolating an application from the rest of the operating system and tightly controlling its resources. According to Google, the new sandboxing feature adds an additional layer of protection and will help protect users against malicious pages that attempt to hijack systems or steal information from the system."

6 of 109 comments (clear)

  1. Apple has the ultimate Flash sandbox by wjousts · · Score: 5, Funny

    You have to run it on a completely different machine. Can't get much more secure than that.

  2. By announced "today", you mean December 1st? by VGPowerlord · · Score: 4, Informative

    In case you missed it, the Chromium Blog talked about this in their December 1st blog entry.

    --
    GLaDOS for President 2016! "Well here we are again. It's always such a pleasure." -- GLaDOS, 2011
  3. Not really important to me by gman003 · · Score: 4, Interesting

    After all, I already run Chrome itself in a sandbox. Firefox, too. Why?

    Pretty much every exploit now begins by "the user visits a website". After that, pretty much any technology can be the hole it exploits - Java, Flash, PDF viewing, even JPEG rendering has been exploited. There's an abundance of targets. The modern browser is just too big a platform to secure completely. So, I don't trust any browser more modern than Lynx.

    1. Re:Not really important to me by carkb · · Score: 4, Informative

      Even Lynx is too 'modern'. Check this exploit: http://www.vupen.com/english/advisories/2010/2042

  4. Re:Dupe by wiredmikey · · Score: 4, Informative

    Yes, they mentioned it earlier, today it appears to actually be in action and built into the latest beta of the product.

  5. Re:Flex apps? by KublaiKhan · · Score: 3, Interesting

    Some of the applications are glorified bookmarks; others--the 'plugins'--extend functionality of the browser itself.

    For instance, there's a plugin that allows interface to the system's ping, ping6, traceroute, traceroute6, whois, and a couple of other net-centric functions. It includes some friendly interfacing, and it's smart enough to grab the current tab's URL as the target when invoked.

    If the 'plugin' functionality could invoke a flash app, that would work well for more complex programs, and would be helpful for ChromeOS installations--corporate users could invoke custom corporate clients, for instance.

    --
    In Xanadu did Kubla Khan
    A stately pleasure dome decree