“Since this past March, we’ve been working closely with Adobe to allow Flash Player to take advantage of new sandboxing technology in Chrome, extending the work we’ve already done with sandboxing for HTML rendering and JavaScript execution,” Justin Schuh and Carlos Pizano report via the Chromium Blog.
“This week, we’re excited to roll out the initial Flash Player sandbox for our dev channel users on Windows XP, Vista and 7,” Schuh and Pizano report. “This initial Flash Player sandbox is an important milestone in making Chrome even safer. In particular, users of Windows XP will see a major security benefit, as Chrome is currently the only browser on the XP platform that runs Flash Player in a sandbox.”
Full article here.
MacDailyNews Take: Hey, that’s not true: Apple’s Mobile Safari was the first to sandbox Adobe Flash – straight to B.F. Egypt where it belongs.
Flash runs as a separate process in 64-bit Safari. If it crashes – who cares, Safari still runs.
Looked up “sandboxing” in Wikipedia.
Still don’t understand what it means.
Sandboxing = Containment
I love the MDN take!
I’ve been to BF Egypt and that’s definitely where it belongs!!
The browser isolates Flash in it’s own memory “sandbox”, so if/when Flash acts up, the browser can quit the Flash process without the whole browser going down.
You can think of sandboxing in terms of watertight compartments in a ship. If the ship takes on water the compartment that is flooded can be shut off so the ship’s buoyancy is not affected.
It’s a nice way of saying “hey Adobe Flash you suck! so we’re not going to make you a true extension or add-on but surround you with a mote and relegate you back to the animation gifs that you are” by Google.
Look for the next security hole in Chrome to come from Flash, or Adobe to open up a Chrome tab as full-screen as full-on AIR browser with several sub-tabs and says, “Howdy user! You don’t need the rest of Chrome, just surf inside this player.”
Yeah, the builder of the Titanic thought he had sandboxed the punctured hull problem. Look at how well that worked!
Sandboxing, more like putting a pig in a pen, you still get a mess.
HTML 5 and stop whining or making concessions for losers.
MDN Take: Please ignore all of the Flash ads you see all over MDN that pay our bills. Instead, laugh at this snarky comment!
Idea, let’s just not install it in the first place? :\
I have looked for this B.F. Egypt on a map and haven’t ever been able to find it.
I’m running 10.6.5 and latest Safari upgrade and click to flash and Flash is still crashing my Mac. Last time it locked up the whole machine and had to reboot. Sandboxing flash does not work!
Can u imagine the tech issues across 3 versions of Windows? Let ALONE the offspring of those versions!!! EEEEEE GADS! Good LUCK with That!
Actually kids, you can play with Flash creating its own sandboxing, which is one of the intended features of the new Flash Player beta v10.2, available now. No Chrome required. Will it work? Did Adobe get a clue? **SUSPENSE**
Cubert
BFD!
Or is that RTF? I can’t remember anymore.
Hey, MDN, not to contradict you or anything, but since when is mobile Safari “on the XP platform”?
Article: “Chrome is currently the only browser on the XP platform that runs Flash Player in a sandbox.”
MDN Take: “That’s not true: Apple’s Mobile Safari was the first to sandbox Adobe Flash”
Sandboxing of Flash is much needed on all platforms/ browsers …
@ acid who says “Look for the next security hole in Chrome to come from Flash” – this may be true … more likely Flash will take down Safari given the lack of co-operation between Apple and Adobe these days – also the fact that Apple is allowing users to upgrade Flash on an ad-hock basis and not through their Software Update process.
I’ve removed Flash entirely from my laptop to mitigate the threat Flash poses.
@Graphical: I seem to recall that MDN discontinued use of Flash entirely after Steve’s famous announcement that iOS would not support it.
Anyone know where I can find current statistics on the use of Flash on websites? I’m trying to make a case to a website developer that using Flash is foolish, but can’t find the ammo I need. I’ve tried looking but have not found recent info….
People still using XP should be put in jail, sent out in space or something.