
Sandboxed Flash Player Coming To Firefox

Posted by Soulskill
from the box-in-the-fox dept.
Trailrunner7 writes "Adobe, which has spent the last few years trying to dig out of a deep hole of vulnerabilities and buggy code, is making a major change to Flash, adding a sandbox to the version of the player that runs in Firefox. The sandbox is designed to prevent many common exploit techniques against Flash. The move by Adobe comes roughly a year after the company added a sandbox to Flash for Google Chrome. Flash, which is perhaps the most widely deployed piece of software on the Internet, has been a common attack vector for several years now, and the attacks in some cases have been used to get around exploit mitigations added by the browser vendors. The sandbox is designed to prevent many of these attacks by not allowing exploits against Flash to break out into the browser itself."

  • 'bout time! (Score:2, Insightful)

    by Anonymous Coward

    It's about damn time they did this for Firefox. I don't know how many times Flash has caused my browser to crash and I couldn't do anything about it. I love how in Chrome only the Flash player dies and not the browser.

    • Re:'bout time! (Score:5, Informative)

      by jjjhs (2009156) on Monday February 06, 2012 @06:16PM (#38946977)
      They isolated plugins (incl Flash and Silverlight) from crashing the browser a long time ago. Version 3.6 or something.
      • They still crash the browser often enough. All FF did was kill plugins that were unresponsive for an X amount of time, but they didn't do any sandboxing or insulating.
    • Re:'bout time! (Score:5, Informative)

      by __1200333 (1200333) on Monday February 06, 2012 @06:37PM (#38947193)

      Switching from on-board to usb audio on windows 7 reliably hangs flash for me.

      However, you CAN do something about it! Find the right plugin-container.exe process (usually easy because it's the one taking hundreds of megabytes) and kill it. Firefox will now resume and give you the "your plugin has crashed" screen wherever flash was embedded previously.

    • Re:'bout time! (Score:4, Interesting)

      by icebike (68054) * on Monday February 06, 2012 @07:07PM (#38947469)

      Chrome already sandboxes Flash, but only if you turn it on, and only in the DEV branch (Version 17 is current dev version as of this writing).

      You can turn it on as explained here: https://plus.google.com/u/0/116560594978217291380/posts/CJvbAMkBiNf [google.com]

      • Re:'bout time! (Score:5, Informative)

        by Justin_Schuh (322319) on Tuesday February 07, 2012 @01:21AM (#38949843)

        Actually, Flash has been sandboxed in Chrome for about a year, but it's not fully sandboxed. To explain, the Chrome sandbox architecture supports five levels [google.com] on Windows. Chrome's web content and its native PDF reader run at USER_LOCKDOWN and JOB_LOCKDOWN (level 5), which means a deny-only token. Right now Chrome's Flash sandbox runs at USER_INTERACTIVE (level 2) plus low-integrity level (just a bit better than IE's sandbox). However, we've been working for almost two years on a version of Flash that runs in as strong a sandbox as native Chrome content. My post was explaining how to test an alpha release of that improved Flash sandbox.

      • by makomk (752139)

        Also, that isn't going to work for Chromium because it requires the custom version of Flash that comes with Google Chrome, and there's no way to obtain and install that custom Flash plugin if you're a Chromium user - you have to download the non-Chrome version of Flash from Adobe, though chances are if you use Windows and aren't paying close attention that'll try and install Google Chrome too!

        In fact, I'm not sure that Chromium can sandbox the Flash plugin at all.

  • Here's my hope. (Score:5, Insightful)

    by Moryath (553296) on Monday February 06, 2012 @06:00PM (#38946829)

    Maybe sandboxing the damn flash player will stop it from periodically causing Firefox to hang for 30 seconds or so thanks to some damn ugly "full motion video" ad that's trying to load up?

    I'd love to see a ban on FMV ads. Double for FMV ads that start themselves automatically, and quadruple for those fucking ads that blast audio after doing so.

    • Re:Here's my hope. (Score:5, Informative)

      by Galestar (1473827) on Monday February 06, 2012 @06:04PM (#38946867)

      I'd love to see a ban on FMV ads...

      Install FlashBlock

    • Re:Here's my hope. (Score:5, Informative)

      by Hatta (162192) on Monday February 06, 2012 @06:07PM (#38946897) Journal

      Why are you not using NoScript?

      • Seconded.

      • by Microlith (54737)

        Even with NoScript, you're always at risk of Flash hanging Firefox if you permit it to load. I'm not one to be patient with Flash so in such cases I kill the plugin-container and Firefox comes right back (seriously, Flash is the SOLE source of Firefox hangs for me.)

        What I'd like to see is Mozilla set up interactions with the plugin-container to be asynchronous so that the main Firefox thread doesn't hang when Flash kills the container. Until then, you can set dom.ipc.plugins.enabled.timeoutSecs to some supe

        • by Anonymous Coward

          You permit "full motion video" ads to run? Damn, that's stupid. Here's how ya do it, ace. Use noscript + adblock and you'll hardly ever see anything you weren't expecting to see.

      • by cshay (79326)

        ...and flashblock.

        • NoScript blocks Flash, there's no point in having the two installed.

          • by coxymla (1372369)

            FlashBlock keeps the web usable unlike NoScript. If you have to install just one it's a far better option.

            • by PReDiToR (687141)
              FlashBlock and NoScript are both important to me.
              Cover from XSS and clickjacking are as important if not more so than the damn audible and visual annoyance that is Flash.

              I wouldn't say the Internet was worth using without NoScript, AdBlock Plus, FlashBlock, HTTPS Everywhere and Password Hasher.
              This is why I stick with Firefox, even though I know it has problems. Running it in SandBoxie is a must for me on Windows.
              • by zoloto (586738)
                Don't forget request policy.
              • But NoScript already blocks Flash (and all other plugins), why install both?

                • by PReDiToR (687141)
                  Sometimes I want to enable scripts on a page without enabling Flash.
                  Some dickheads use Flash for their menus, which can be enabled separately from the ads and videos if the site is important enough to stay on.
      • Re: (Score:3, Informative)

        by 1800maxim (702377)
        Because it breaks the browsing experience on just about every site out there, and manually having to white-list each site is a painful process that's a usability nightmare.
        • Re:Here's my hope. (Score:4, Insightful)

          by cmarkn (31706) on Monday February 06, 2012 @06:53PM (#38947339)
          Yes, because clicking once for each domain that provides scripts to the site, the first time you visit it, is such a nightmare.</sarcasm>
          • by Inda (580031)
            Give the man a break.

            I tried NoScript for a week and had to give up. When a site is loading 20 JS includes, how do you know which ones to allow for functionality, and which ones are trackers and ad-servers?

            Block them all!

            Only you can't block them all as that often blocks content. That was probably the final straw for me - the blocked content - Google showed me a page I needed, and yet after loading the page, only the H1 headers were displayed, as the rest was generated by JS. That fails the "Dad test" ever
        • by Anonymous Coward

          Anyone who thinks "browsing experience" is a legitimate phrase should not be listened to.

        • Re:Here's my hope. (Score:5, Interesting)

          by Hatta (162192) on Monday February 06, 2012 @06:59PM (#38947401) Journal

          Funny how my mac using artist girlfriend has no problems whatsoever with that "usability nightmare". Since she discovered it (on her own, no software evangelism in this household), she regularly comments on how awful the internet is when she has to use it without NoScript. THAT is the real usability nightmare.

        • by evilviper (135110)

          it breaks the browsing experience on just about every site out there

          If "the browsing experience" is a euphemism for "full-screen ad overlays you have to click through" and "crap popping up when you incidentally mouse over a random word" then I'm happy to break it...

          • No, it's a euphemism for things like CAPTCHA boxes, UBB shortcut windows, and lots of login scripts on sites that have comment systems, possibly even the one you're using now. I just stick with AdBlock and Flashblock, and I'm perfectly happy with my experience.

      • by JDG1980 (2438906)

        Why are you not using NoScript?

        Can't answer on his behalf, but I don't use NoScript because it breaks virtually every site on the Web by default.

    • by Yvan256 (722131)

      Here's an easy solution: remove Flash from your system.

    • Come on, ad block!!

    • by Endo13 (1000782)

      The ones that piss me off the most are the ones on NFL.com pages for live games that play in the same window the game updates will be displayed in. You can't block them, because if you do you won't get what you're on the page for. You can't mute the audio, and never mind skipping the fucking ad. I've almost quit using the site entirely because of it.

  • Whitelist (Score:5, Insightful)

    by sakdoctor (1087155) on Monday February 06, 2012 @06:00PM (#38946835) Homepage

    The whitelist for flash is in the single digits. Most sites don't need that privilege.
    Youtube, a couple of porn sites ... that's about it really.

    • by zoloto (586738)
      you never need flash with the appropriate plugins such as "click to plugin" always loading the video directly in a similar manner to direct video embedding does. The only benefit to flash is for sites like youtube that have and utilize flash advertisements before videos.
  • by Anonymous Coward

    Look forward to the requisite performance drop and novel new glitches. Yay.

  • Half Way There (Score:4, Insightful)

    by rsmith-mac (639075) on Monday February 06, 2012 @06:08PM (#38946905)

    Considering Flash's extensive use as an attack vector this is great news. I would sleep better at night though if Firefox itself was also sandboxed; in fact I'm a bit surprised you can even sandbox Flash when the browser doesn't support it.

    • Considering Flash's extensive use as an attack vector this is great news. I would sleep better at night though if Firefox itself was also sandboxed; in fact I'm a bit surprised you can even sandbox Flash when the browser doesn't support it.

      What happens when a user wants to download a file (on purpose) to their home directory when the entire browser is sandboxed?

      • A sandbox can permit saving files to a single specific directory while still denying access to any other directory.
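The reply above describes a sandbox that allows writes to one directory and denies every other location. One common way to get that behaviour is a broker outside the sandbox that validates each save request; the sketch below is an added illustration, not code from Firefox, Chrome, Flash or Sandboxie, and `broker_save`, `BrokerDenied` and the sample paths are hypothetical names constructed for the example (POSIX paths assumed).

```python
import os
import tempfile


class BrokerDenied(Exception):
    """Raised when a save request falls outside the permitted directory."""


def broker_save(allowed_dir, requested_name, data):
    """Write data under allowed_dir for a sandboxed caller; return the path."""
    root = os.path.realpath(allowed_dir)
    # Resolve ".." and symlinks first, so the comparison is made against
    # the location that would really be written.
    target = os.path.realpath(os.path.join(root, requested_name))
    if target == root or os.path.commonpath([root, target]) != root:
        raise BrokerDenied(requested_name)
    # O_EXCL refuses to overwrite; O_NOFOLLOW refuses a symlink swapped in
    # as the final path component after the check above.
    flags = os.O_WRONLY | os.O_CREAT | os.O_EXCL | getattr(os, "O_NOFOLLOW", 0)
    try:
        fd = os.open(target, flags, 0o600)
    except OSError as exc:
        raise BrokerDenied(requested_name) from exc
    with os.fdopen(fd, "wb") as fh:
        fh.write(data)
    return target


def demo():
    """Run constructed save requests against a temporary download directory."""
    results = {}
    with tempfile.TemporaryDirectory() as base:
        downloads = os.path.join(base, "Downloads")
        private = os.path.join(base, "home")
        os.mkdir(downloads)
        os.mkdir(private)
        # A symlink inside the allowed directory that points outside it.
        os.symlink(private, os.path.join(downloads, "link"))
        for name in ("report.pdf", "../home/.profile", "/etc/passwd", "link/x"):
            try:
                broker_save(downloads, name, b"constructed sample data")
                results[name] = "saved"
            except BrokerDenied:
                results[name] = "denied"
        results["files_outside"] = os.listdir(private)
    return results


if __name__ == "__main__":
    print(demo())
```

The check-then-open sequence still leaves a race if the sandboxed side can rearrange the directory tree between the two calls, which is why production brokers hand back an already-open handle rather than a path.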

      • by PReDiToR (687141)
        If you use Windows give Sandboxie [sandboxie.com] a look over.
        When a file is downloaded you can recover to the directory the browser specifies or choose another location. Leaving it inside the sandbox and running it there (keygen, trial install) gives you the opportunity to remove the whole install if it contains malware, foistware or other crap you don't want.
    • by godrik (1287354)

      Personally, I run firefox using a separate user account which has read permission only where it needs. (for instance, no /etc and no /home except /etc/iceweasel and /home/firefox obviously)

  • by nimbius (983462) on Monday February 06, 2012 @06:11PM (#38946921) Homepage
    the problem with flash security and flash in general is your corporate culture, as is evidenced by consistent prior refusals to patch egregious bugs.

    consider HTML5. I personally liken it to a high caliber rifle in the face of your diseased and crippled cash cow.
    so long, and please don't hesitate to continue pedaling the rest of your product line straight into the ground and hell beyond with the same toxic mismanagement as flash. We here on the internet will gladly engineer the future at your expense, until your corporate office is nothing more than the 21st century equivalent of bleached bones rotting in the noon-day sun, vultured by contractors and languishing at the precipice of bankruptcy.
  • by Anonymous Coward

    First there's the NPAPI, then there's plugin-container, and now there's another layer?

  • by CyberDog3K (959117) on Monday February 06, 2012 @06:15PM (#38946973)
    Yes, let's all rely on Adobe, the company who wrote one of the planet's least secure multimedia delivery platforms in history, to save us from their own software. I'm sure the sandbox will be stable and secure and in no way, shape, or form, completely useless and awful.
    • by Anonymous Coward

      They bought Flash when they acquired Macromedia. They just made it much worse.

    • by twokay (979515)
      Indeed, the Sandbox mode in Adobe Reader X is a PITA. It plays havoc with anti-virus and I have seen workstations with no anti-virus installed refuse to open .pdf docs until it is disabled.

      I still leave it on by default here, but that's the first thing to check when anyone complains their pdf file won't open.
  • Now if we could just get some updates on the next Realplayer release, and whether or not it will be sandboxed with AOL, I can comfortably enter 2005 on the bleeding edge.
  • Firefox is getting so torn between different developer platforms. They could cater to users of canvas, with their JS scratchpad, or they could appease flash users. Tough choice.
  • by PPH (736903) on Monday February 06, 2012 @09:34PM (#38948599)

    My cat has been trying to bury Flash for years.

  • subject says it all, really. it's nice to have it for chrome and firefox, but where it's really needed is in ie.

  • Cave paintings exist where they sandboxed flash. It's about time Adobe did the same....
  • Seems like the most obvious question but does this run on Linux? Also, does Gnash, or any other free implementation of the flash plugin offer this too?
