Skip to main content

Adobe announces sandboxing of Flash Player in Safari for OS X Mavericks

Adobe announced today that beginning with the rollout of OS X Mavericks, it will sandbox Flash Player within Safari.

What that means is that Flash will be contained - or sandboxed - in order to make it more difficult for scammers to take advantage of Flash and infect Macs running Mavericks with malicious software.

"As you might expect, Flash Player's capabilities to read and write files will be limited to only those locations it needs to function properly," Peleus Uhley, a platform security strategist at Adobe, wrote in a blog post. "The sandbox also limits Flash Player's local connections to device resources and inter-process communication (IPC) channels. Finally, the sandbox limits Flash Player's networking privileges to prevent unnecessary connection capabilities."

Adobe has already done the same for Google's Chrome, Microsoft's Internet Explorer, and Mozilla's Firefox. Now it is extending sandboxing to Apple's Safari via Mavericks, which the Cupertino-based company rolled out earlier this week.

"Safari users on OS X Mavericks can view Flash Player content while benefiting from these added security protections," Uhley wrote. "We'd like to thank the Apple security team for working with us to deliver this solution."

Apple, of course, has had a rather rocky relationship with Adobe. Its iOS devices don't support Flash at all, and Steve Jobs famously posted a note to the Apple website in 2010 that called it closed, unstable, and antiquated. By November 2011, Adobe admitted that Apple's decision not to support Flash Player on iOS was one of the major factors in its decision to kill development of Flash Player for the mobile Web.

Flash Player is still alive and well on the desktop, however.