Flash Sandboxing, Coming to a Chrome Near You

Posted on 15. Nov, 2010 by in News

flattr this!

Some of the code revisions at the Chromium site are pointing to the fact that Abode Flash is now going to be sandboxed. This will arrive in the Canary and Dev Channels soon.

When the integrated PDF reader was released for Chrome and was sandboxed, I was already under the impression that Flash was too. It appears that wasn’t the case until now.

Just as a quick review, sandboxing is a security method for running separate programs. It is a big part of Chrome and a feature that has been rolled out in other browsers since Google first introduced it.

chromeflash

Google has provided Chrome with a baked-in Flash component for some time. This is a security feature that allows Flash to be silently updated as needed with security fixes and other improvements. The company has taken a very different stance to Flash than that of Apple which bemoans, perhaps legitimately, about the performance and stability of Flash.

Flash is a perfect candidate for sandboxing, but to technically get it accomplished was much more of a challenge that it was for the PDF reader in Chrome. That’s because some of the functionality that Flash provides in specific applications such as local file access or uploads would be hindered by it being sandboxed.

It remains to be seen if it will be an issue, yet it’s surely been tested by Google. Although some of the elements of Flash that made it dangerous may now be under control there may be problems running it for a small minority of purposes.

Do you think there will be issues with Flash being sandboxed?

via DownloadSquad

0
  • services sprite
  • services sprite
  • services sprite
  • services sprite
  • services sprite
  • services sprite
  • services sprite
  • services sprite
  • services sprite

Related posts:

  1. Problems With Chrome’s Flash Sandboxing?
  2. Video: Chrome Sandboxing
  3. Instant, Flash Sandboxing, WebGL Comes to Chrome Beta

Tags: , , , , , , , , ,

6 Responses to “Flash Sandboxing, Coming to a Chrome Near You”

  1. gpeasy

    15. Nov, 2010

    I thought Flash was already sandboxed, like you. From the past hacker competitions I had always heard that the sandboxing was the problem to get around. . . and it seemed like they were referring that flash was in that sandbox. Maybe it’s the case that chrome as a whole is sandboxed and now Flash will be sandboxed within it’s own sandbox inside the Chrome sandbox. . . boxes within boxes within boxes. . . .

  2. Daniel Cawrey

    15. Nov, 2010

    Glad I’m not the only one! I guess what they were referring at the competitions was just the fact that every tab was sandboxed. I like your box inside a box reference for sure…

  3. Flash Sandboxing prochainement | Chrome OS

    16. Nov, 2010

    [...] http://www.thechromesource.com Partager / [...]

  4. Tweets that mention Flash Sandboxing, Coming to a Chrome Near You | thechromesource - Google Chrome and Chrome OS News and Resources -- Topsy.com

    17. Nov, 2010

    [...] This post was mentioned on Twitter by HN Firehose, thechromesource. thechromesource said: Flash Sandboxing, Coming to a Chrome Near You: Some of the code revisions at the Chromium site are pointing to t… http://bit.ly/blLzAb [...]

  5. Chrome Developer Tutorial | In the Googleplex

    17. Nov, 2010

    [...] Flash Sandboxing, Coming to a Chrome Near You (thechromesource.com) [...]

  6. Flash Security Update in Chrome at the Forefront of Browser Security | thechromesource - Google Chrome and Chrome OS News and Forum

    21. Mar, 2011

    [...] is currently the only one to have this particular flaw patched. Google also successfully began to sandbox Flash as a separate process that the browser considers hostile, just like every [...]

Leave a Reply

Name

Email

Website

Comment