Why does Adobe Flash not have a sandbox on Linux?

Discussion in 'all things UNIX' started by ComputerSaysNo, Dec 11, 2012.

Thread Status:
Not open for further replies.
  1. This is a serious shortcoming, Adobe what are you doing?
     
  2. Mrkvonic

    Mrkvonic Linux Systems Expert

    Joined:
    May 9, 2005
    Posts:
    10,029
    Serious shortcoming how.
    Mrk
     
  3. NormanF

    NormanF Registered Member

    Joined:
    Feb 20, 2009
    Posts:
    2,742
    Everything in Linux has to run to with least user privilege. And exploits and drivebys in browsers are largely written for Windows.
     
  4. moontan

    moontan Registered Member

    Joined:
    Sep 11, 2010
    Posts:
    3,931
    Location:
    Québec
    not that i am interested in Chrome but isn't Flash sandboxed under Chrome in Linux like it is in Windows?
     
  5. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,148
    It is in Chrome. They don't even support other browsers on Linux.
     
  6. NGRhodes

    NGRhodes Registered Member

    Joined:
    Jun 23, 2003
    Posts:
    2,380
    Location:
    West Yorkshire, UK
    Only for newer versions, 11.2 (which works in Firefox and other browsers) still gets support.

    "Adobe will continue to provide security updates to non-Pepper distributions of Flash Player 11.2 on Linux for five years from its release"

    http://blogs.adobe.com/flashplayer/...gle-partnering-for-flash-player-on-linux.html

    Cheers, Nick
     
  7. NGRhodes

    NGRhodes Registered Member

    Joined:
    Jun 23, 2003
    Posts:
    2,380
    Location:
    West Yorkshire, UK
    If a sandbox was needed, surely SELinux or Apparmour would provide suitable protection ?
     
  8. wat0114

    wat0114 Registered Member

    Joined:
    Aug 5, 2012
    Posts:
    3,388
    Location:
    Canada
    Thanks to m00nbl00d's idea it can be run at Low il in Firefox on Vista/Win7 :)
     

    Attached Files:

  9. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,148
    11.2 gets security updates, but it won't be getting any new features, like a sandbox. I believe sandboxing was introduced in 11.3 for Firefox.

    You can AppArmor the plugin container process and that's one decent method of protection.
     
  10. DasFox

    DasFox Registered Member

    Joined:
    May 5, 2006
    Posts:
    1,825
    Why is Flash even still alive? This is a SERIOUS shortcoming too, I wish flash would just DIE already!
     
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.