Feeds

back to article Naughty Flash Player BURIED ALIVE in OS X Mavericks Safari sandbox

The Adobe Flash Player plugin runs in a locked-down sandbox under Safari on OS X 10.9 "Mavericks," making Apple the latest major web browser vendor to provide additional security when viewing Flash content on the web. According to a memo posted by Adobe security strategist Peleus Uhley on Thursday, Flash Player in Mavericks is …

COMMENTS

This topic is closed for new posts.
Anonymous Coward

In the sandbox? more like in the kitty litter with all the other turds.

9
2
Bronze badge

Exactly. I've personally witnessed six blastings of sandboxes into the root system.

SSDD, only with a Johnny come lately.

0
0
Silver badge
Mushroom

golf clap

Safari just like Chrome but less stable and with the same features that come out years later.

5
13
Silver badge

Re: golf clap

If you get started on that line of argument we'll be overrun with Opera users. Both of them.

22
0
Bronze badge

Re: golf clap

Well, the one Opera user is off in a huff because they turned it into a webkit browser, but the other is as manic as ever.

4
0

Re: golf clap

It was always earlier versions of Chrome that crashed painfully hard when Flash was running. So much for the "revolutionary" each-tab-as-a-separate-process approach when Flash would regularly crash ALL of them. One of the reasons why I stopped using Chrome because Flash back then worked fine in everything else.

4
0
Silver badge

Re: golf clap

"If you get started on that line of argument we'll be overrun with Opera users. Both of them."

I miss those Opera users. When reading forum threads it was like running into a bunch of Hare Krishna devotees dancing and striking tambourines.

5
0
Silver badge

Re: golf clap

Hehe! Opera is more usable than Chrome... ...if you're stuck using an XP machine with 512 MB of RAM!

0
1
Anonymous Coward

Re: golf clap

Adjust your count --- their little brother has now grown so much he can reach the keyboard too.

1
0
Anonymous Coward

Re: golf clap

I used opera for a while. But then I realized they were just travelling to the future and stealing ideas from Microsoft and google. I refuse to use the application of somebody who steals from their competition via time travel.

4
0
Gold badge

Re: golf clap

"I miss those Opera users."

Not as much as Opera do. (They seem to have lost about a third of them in the last year or so: http://www.w3schools.com/browsers/browsers_stats.asp.)

0
1
Silver badge

> We also know first hand that Flash is the number one reason Macs crash.

I might be missing something, but the only culprit in allowing a machine to crash is the OS.

User-land code should only affect applications.

6
7
Silver badge

User land code did only affect applications. Apple meant "... is the number one cause of crashes on Macs", not "... is the number one reason OS X crashes".

3
0
Silver badge
Facepalm

> User land code did only affect applications. Apple meant "... is the number one cause of crashes on Macs", not "... is the number one reason OS X crashes".

Jesus, can't any of you guys read?

Here it is again:

"We also know first hand that Flash is the number one reason Macs crash."

0
1
Silver badge

@skelband

Contorting Jobs' statement through selectively strict interpretation is about as meaningful as if I insisted your statement, "User-land code should only affect applications", couldn't possibly mean the logically corrected version, "User-land code should affect only applications", because that's not what you wrote.

Jobs often used 'the Mac' to mean any combination of the hardware, the OS and the applications that run on it.

0
0
Bronze badge

@Skelband

There's a difference between 'cause' and 'allow'. Flash 'causes' the crash, the OS 'allows' it.

4
2
Silver badge

Re: @Skelband

> There's a difference between 'cause' and 'allow'. Flash 'causes' the crash, the OS 'allows' it.

Neither of which was used in the original quote.

I'll say it again for those hard of thinking.....the machine should not crash because of a user program if the OS is properly constructed. Flash might be (and indeed is) a buggy pile of shite, but the OS is there to protect us from such obscenities ( or not in the case of Apple hardware apparently).

0
1

Ummm, this isn't new...

The Flash plugin has indeed been in its own sandbox since Lion... as sort hinted at in the article. I'm confused as to why this is news now.

2
0

Re: Ummm, this isn't new...

reason is everyone thinks mac os x is perfect and has 0 flaws in it so its its easy to blame plugin like flash for what is clearly a problem in apple's OS. When talking about security record, funny how few people point to apple's pretty bad one as well, Flaw is found and they get fixed code within a day of flaw being known world wide and it took them 2 months before they release the patch.

1
12
Silver badge
Stop

Re: Ummm, this isn't new...

The App Sandbox appeared with Lion, it was then made mandatory in early 2012 for programs sold in the Mac App Store, but now with Mavericks this is the first time it's been used by Safari to run plugins.

Flash got dropped from Lion at about the same time, and you had to go to Adobe to download it separately, but it wasn't sandboxed.

4
0

Re: Ummm, this isn't new...

You made me check and yes you're right and I'm wrong.. I made the incorrect assumption that when I saw the Flash plugin running as a separate process in Activity Monitor it was sandboxed.

I'll leave the original post just so this thread makes sense.

10
0
Joke

Re: Ummm, this isn't new...

Hang on! Someone just admitted they were wrong on the internet - isn't that supposed to herald the coming apocalypse or something?

4
0
Gold badge
Unhappy

Interesting idea. When a user program crashes don't let it crash *others*

That's pretty much a ground up principle for mainframes and I thought most *nixes.

Of which Apple is meant to be one.

0
0
Def
Bronze badge

Re: Interesting idea. When a user program crashes don't let it crash *others*

Running in a sandbox isn't just about crashing though. It's about preventing an application's bugs and 'features' from opening your whole system to attack.

I would say sand boxing is more a step towards the general principle of capability based security, where an application is only ever granted access to things it should have access to. Write to 'that' file only, read the contents of just 'this' directory, only allowed to open 'this' network port, etc.

All mainstream operating systems today are a long long way from having that kind of security as standard.

0
0
Silver badge

@Def

The difference in the sandbox approach is that it denies access to resources by checking what they are doing at the API boundary of the sandbox, rather than allowing the underlying OS to control access.

Any suitably designed OS should have controls to contain rogue actions (like the permissions system on the filesystem and IPC resources and Role Based Access Control) already, and many do. But things like Windows up to XP, whilst it had the underlying technology were so compromised by the way that the systems were implemented (users running as an Administrator by default, and too many critical directories having write access to non-administrator accounts) that it became necessary to add the extra 'sandbox' to protect the OS!

Unfortunately, the way that OSX deploys applications is fundamentally flawed (they've added an application deployment framwork into user-space so that you don't need to be root to install an application, or it was this way the last time I looked at OSX), and this unfortunately opens it up to applications being altered by other applications without requiring additional privilege. The OS remains protected, but the applications are vulnerable. This is the reason for implementing a sandbox.

Anyway, sandboxes are not new. On UNIX systems since seemingly forever (certainly since Version 7 in 1978), you've had chrooted environments that you can use to fence particular processes to controlled sub-sets of the system

1
0
JDX
Gold badge

Re: Interesting idea. When a user program crashes don't let it crash *others*

>>That's pretty much a ground up principle for mainframes and I thought most *nixes.

Then please explain why Linux webservers can become inaccessible, even via SSH, if something goes wrong with an application.

0
1
Facepalm

Don't have flash plugins for any of my PC browsers, or indeed Java runtime. Not missed anything as a consequence IFAIK.

0
0

As a long time linux user I know that flash for non MS systems is a mixed bag at best. So I don't use it.

As far as I remember, Adobe claimed lacking support from the linux community for their fine software, looks like Apple, Google and Microsoft sent them real programmers to fix that mess and had to add additional security because it's still broken ...

0
0

Flash locked up like the 'Princes in the tower'. I am looking forward to the total invulnerability of HTML5. Web developers are being played like marks in a big con while Adobe has got itself at least 10 more years of development cycles with its 'Edge' products.

Today I think I'll move an ellipse across the canvas. Yey!

Takes me back to Flash 4.

0
0

I still think ...

... that there is so much ancient legacy code at the back of Flash that no one really knows how it all works any more. Hence the difficulty in fixing it.

0
0
Anonymous Coward

Chrome/Flash is quite useful

whilst helping to beta test mavericks for the last while - Chrome was great as I prefer to not have Flash, nor indeed any other Adobe product on my Mac. When I really need Flash (some inane car manuf. website or kids game like star doll,) then I could run Chrome's inbuilt "Pepper-player". I did quite a bit of feedback with Cupertino as the Pepper player did like to use a CPU or two for itself in early maverick seeds!

0
0

The "Thoughts on Flash" memo was just a smokescreen to cover up the real reason for banning Flash from iOS: with Flash, you can build an application with its own windows, menus, widgets and all that stuff, so it would be possible to violate the coherent look and feel of iOS. Heresy.

Although all that "power" in Flash is a weakness, not a strength, since it makes the product excessively large, complex and, hence, difficult to make stable and secure. And all people really wanted was a movie player.

2
0
Silver badge
Facepalm

and all people wanted was a movie player...

But that's adobe for you.

Don't just provide a minimal technical solution to the problem of - say - defining a portable document format.

Nah why NOT invent a whole new inefficient interpreter in a brand new language that turns a 3 page file of text in a single font into several megabytes of instructions on how to recreate it from scratch.

I think the scales fell from my eyes when I realised that a single page of postscript was actually larger than the full color bitmap at full print resolution of the corresponding A4 page would be.

Didn't Apples first laserwriter have more CPU and memory that the computers that sent it files?

In my IT life three products stand out - maybe four as being the solution not to the actual problem, people had, but solutions to problems people never ever would have had, or would likely to ever encounter.

PostScript/PDF

X-Windows

Flash

*nix lp and friends up to and including CUPS.

Two of them are adobe products...

By dint of massive amounts of effort building layers on top of them to conceal; their utter ghastliness, they have finally been persuaded to work, well enough, but oh, if we had gone the RFC route with them instead, and started off with - say - minimalist implementations that actually worked, and added features ONLY AS AND WHEN THE NEED BECAME BLINDINGLY OBVIOUS.

0
1

Re: and all people wanted was a movie player...

If by "X-Windows" you mean the network-aware nature of X11 then you're completely wrong. It provides capabilities that have been relied upon by thousands of people every day for years and does so with little fuss - nobody claimed it was perfect, but it definitely fulfils a genuine need. For that matter I have no idea why you've put CUPS in there, never mind "lp"... do you think that people aren't likely to need to print? Print spoolers and print servers are solutions to a problem people don't have?

In any case your argument against PDF is fallacious; if all you need is basically unformatted plain text then use plain text - PDF exists because of the difficulties in maintaining formatting appearance across devices whilst retaining the ability to preserve the textual content as such.

1
0
Bronze badge

I'm an Opera user

Last!

(um... not the last Opera user... I hope)

Long, long time Opera user, since modem dial up on Windows 3.1 or something.

Writing this in Opera 17 point something. Yes, it's chromium-flavoured now. I've chosen not to install Flash in it.

Google web sties telling me to upgrade my work browser to Chrome instead of its own newer version was, in my opinion, rude.

0
0
This topic is closed for new posts.