Chrome Throws Flash Into the Sandbox

wiredmikey writes "Google announced today that it will be extending Chrome's sandboxing technology to include the Flash Player plug-in. 'Sandboxing' technology is a method of isolating an application from the rest of the operating system and tightly controlling its resources. According to Google, the new sandboxing feature adds an additional layer of protection and will help protect users against malicious pages that attempt to hijack systems or steal information from the system."

Not really important to me

[gman003]

After all, I already run Chrome itself in a sandbox. Firefox, too. Why?

Pretty much every exploit now begins by "the user visits a website". After that, pretty much any technology can be the hole it exploits - Java, Flash, PDF viewing, even JPEG rendering has been exploited. There's an abundance of targets. The modern browser is just too big a platform to secure completely. So, I don't trust any browser more modern than Lynx.

Re:Flex apps?

[KublaiKhan]

Some of the applications are glorified bookmarks; others--the 'plugins'--extend functionality of the browser itself.

For instance, there's a plugin that allows interface to the system's ping, ping6, traceroute, traceroute6, whois, and a couple of other net-centric functions. It includes some friendly interfacing, and it's smart enough to grab the current tab's URL as the target when invoked.

If the 'plugin' functionality could invoke a flash app, that would work well for more complex programs, and would be helpful for ChromeOS installations--corporate users could invoke custom corporate clients, for instance.