Adobe Flash Player runs in a sandboxed environment in Safari on OS X Mavericks


Adobe Flash Player, a browser plugin that is used on a lot of websites, is a very common target for malware and remote code execution exploits. To prevent such exploits from taking over your entire system, the Flash plugin runs in a sandboxed environment on Chrome, Firefox, and with OS X Mavericks, it is sandboxed in Safari too.

From Adobe’s blog:

Over the last few years, Adobe has protected our Flash Player customers through a technique known as sandboxing. Thus far, we have worked with Google, Microsoft and Mozilla on deploying sandboxes for their respective browsers. Most recently, we have worked with Apple to protect Safari users on OS X. With this week’s release of Safari in OS X Mavericks, Flash Player will now be protected by an OS X App Sandbox.

flash sandbox

Safari’s sandbox limits Flash plugin’s read and write capabilities only to locations where it’s absolutely needed. Other security measures include limited connections to local devices, processes and (unneeded) network connectivity.

Safari on OS X Mavericks also lets you disable animated Flash banner ads as a part of a new “Power Saver” mode. While Apple and Adobe haven’t been on great terms when it comes to Flash, Adobe notes that it has worked with Apple’s security team on the snadboxed Flash plugin. You can upgrade to OS X Mavericks for free from the Mac App Store.

Like this post? Share it!