Why does Adobe Flash not have a sandbox on Linux?

Discussion in 'all things UNIX' started by ComputerSaysNo, Dec 11, 2012.

Thread Status:
Not open for further replies.
  1. ComputerSaysNo

    ComputerSaysNo Registered Member

    Joined:
    Aug 9, 2012
    Posts:
    1,425
    This is a serious shortcoming, Adobe what are you doing?
     
  2. Mrkvonic

    Mrkvonic Linux Systems Expert

    Joined:
    May 9, 2005
    Posts:
    8,698
    Serious shortcoming how.
    Mrk
     
  3. NormanF

    NormanF Registered Member

    Joined:
    Feb 20, 2009
    Posts:
    1,441
    Everything in Linux has to run to with least user privilege. And exploits and drivebys in browsers are largely written for Windows.
     
  4. moontan

    moontan Registered Member

    Joined:
    Sep 11, 2010
    Posts:
    3,931
    Location:
    Québec
    not that i am interested in Chrome but isn't Flash sandboxed under Chrome in Linux like it is in Windows?
     
  5. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,148
    It is in Chrome. They don't even support other browsers on Linux.
     
  6. NGRhodes

    NGRhodes Registered Member

    Joined:
    Jun 23, 2003
    Posts:
    2,331
    Location:
    West Yorkshire, UK
    Only for newer versions, 11.2 (which works in Firefox and other browsers) still gets support.

    "Adobe will continue to provide security updates to non-Pepper distributions of Flash Player 11.2 on Linux for five years from its release"

    http://blogs.adobe.com/flashplayer/...gle-partnering-for-flash-player-on-linux.html

    Cheers, Nick
     
  7. NGRhodes

    NGRhodes Registered Member

    Joined:
    Jun 23, 2003
    Posts:
    2,331
    Location:
    West Yorkshire, UK
    If a sandbox was needed, surely SELinux or Apparmour would provide suitable protection ?
     
  8. wat0114

    wat0114 Registered Member

    Joined:
    Aug 5, 2012
    Posts:
    1,984
    Location:
    Canada
    Thanks to m00nbl00d's idea it can be run at Low il in Firefox on Vista/Win7 :)
     

    Attached Files:

  9. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,148
    11.2 gets security updates, but it won't be getting any new features, like a sandbox. I believe sandboxing was introduced in 11.3 for Firefox.

    You can AppArmor the plugin container process and that's one decent method of protection.
     
  10. DasFox

    DasFox Registered Member

    Joined:
    May 5, 2006
    Posts:
    1,825
    Why is Flash even still alive? This is a SERIOUS shortcoming too, I wish flash would just DIE already!
     
Loading...
Thread Status:
Not open for further replies.