Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.

MacRumors

macrumors bot
Original poster
Apr 12, 2001
63,286
30,348



new_flashlogo_3.jpg
Software maker Adobe has announced on its blog (via ZDNet) that its Flash Player software is now sandboxed for the version of Safari found in OS X Mavericks, preventing malware targeting Flash from accessing sensitive data and system resources beyond Apple's browser. As described by Apple, sandboxing "provides a last line of defense against the theft, corruption, or deletion of user data" if a malicious attempt is made at exploiting an app.
For the technically minded, this means that there is a specific com.macromedia.Flash Player.plugin.sb file defining the security permissions for Flash Player when it runs within the sandboxed plugin process. As you might expect, Flash Player's capabilities to read and write files will be limited to only those locations it needs to function properly. The sandbox also limits Flash Player's local connections to device resources and inter-process communication (IPC) channels. Finally, the sandbox limits Flash Player's networking privileges to prevent unnecessary connection capabilities.
Flash is a common target for malware and a number of such attacks have affected Mac users, including a trojan named Flashback that began as a fake Flash Player installer before returning with a multi-pronged infection strategy as it infected over 600,000 Macs worldwide. This past February, Adobe also released a Flash Player update to address a pair of security vulnerabilties as Apple updated its Xprotect anti-malware system to enforce new minimum version requirements, blocking all previous versions of Flash Player.

OS X Mavericks is available as a free, one-step update for all Mac users running OS X Snow Leopard and above, available on the Mac App Store. [Direct Link]

Article Link: Adobe Flash Player Now Sandboxed in Safari on OS X Mavericks
 

820647

Guest
Jun 10, 2013
18
0
From Apple's website:
"More sandboxed apps
Sandboxing extends to more apps, including the Mac App Store, Messages, Calendar, Contacts, Photo Booth, Dictionary, and Font Book.

Sandboxed plug-ins
Adobe Flash Player, Silverlight, QuickTime, and Oracle Java plug-ins are sandboxed in Safari."
 

makitango

macrumors 6502a
Apr 15, 2012
759
1,053
So does this mean that I have no longer to install a system-wide Flash to have it enabled in Safari? Like in Chrome? That means I can uninstall Chrome and use Safari for everything, if that's correct.
 

caspersoong

macrumors 6502a
Feb 27, 2011
604
30
Not relevant to this particular article but... the push notification for this was truncated mid-word. Was this intentional?
 

Rocketman

macrumors 603
This may be the central reason why the strategy of a "free, one-step update for all Mac users running OS X Snow Leopard and above", was used. This seems to be a way to get a super-security update to as many Mac users as possible including legacy systems.

As a very strong supporter of legacy system support, this is an unexpected and welcome effort by Apple to bring legacy hardware into the present. I am sure they have financial expectations as well with in-app purchases, app store, etc, but those are only optional benefits. The baseline benefits are free to all.

Hmmm.

Rocketman
 

vpndev

macrumors 6502
May 11, 2009
288
98
persistent cookies

I guess it's too much to hope that the sandbox settings prevent Flash from writing its super-persistent cookies.
 

2457282

Suspended
Dec 6, 2012
3,327
3,015
Definitely a good move in my opinion. A better move would be for developers to transition once and for all to HTML5 and drop the flash trash.
 

lewisd25

macrumors 6502a
Jul 6, 2007
851
591
This may be the central reason why the strategy of a "free, one-step update for all Mac users running OS X Snow Leopard and above", was used. This seems to be a way to get a super-security update to as many Mac users as possible including legacy systems.

As a very strong supporter of legacy system support, this is an unexpected and welcome effort by Apple to bring legacy hardware into the present. I am sure they have financial expectations as well with in-app purchases, app store, etc, but those are only optional benefits. The baseline benefits are free to all.

Hmmm.

Rocketman

If Apple is so concerned about legacy systems, why is my 2006 Mac Pro excluded from Mavericks support???
 

kd5jos

macrumors 6502
Oct 28, 2007
432
144
Denver, CO
Adobe Flash, something everyone wishes would go away but unfortunately is an necessary evil.

Respectfully, the minute people stop believing that, it will go away. I only say that because I haven't had Flash installed for several years now, and this is my daily use system.

I get there may be some corner cases... Yes I know people need to do there job and corporate (or powers that be) haven't migrated yet. I'm stuck in that situation with Java right now. As soon as my employer migrates away from Java (should be Q1 2014) my hassle free days of using the inter webs will begin.

I'm just sayin'...
 

SaxPlayer

macrumors 6502a
Jan 9, 2007
713
635
Dorset, England
OS X Mavericks is available as a free, one-step update for all Mac users running OS X Snow Leopard and above, available on the Mac App Store.

A lot of media outlets are reporting Mavericks availability in those terms. It's like saying "iOS 7 is available to anyone running iOS 5 and above". Total nonsense. OS X Mavericks is available to anyone who has a Mac that is capable of running it. It doesn't matter what version of OS X you've got at the moment.

My ancient white MacBook I bought in 2006 won't run it, despite the fact it's got Snow Leopard on it and my Mac Pro 1,1 bought in 2007 won't run it either despite the fact I've got Lion on it at the moment. Both machines are incapable of running Mavericks so it's the hardware that dictates what you can run, not what version of OS X you've got at the moment.

Do you think I over-reacted? Perhaps I should get out more? :D
 

Jessica Lares

macrumors G3
Oct 31, 2009
9,612
1,055
Near Dallas, Texas, USA
WHAT A LOAD OF BULL!

When you go and install Flash Player from the Adobe website:

Optional offer:

Yes, I want to try the free Lightroom 5 trial and learn how to make good shots great. Add to my download.

:rolleyes: :rolleyes: :rolleyes: :rolleyes:

No thank you. I'm a Creative Cloud subscriber already.

Awesome on the sandboxing though! :D
 

stiligFox

macrumors 65816
Apr 24, 2009
1,480
1,319
10.0.1.3
A complete noob question but: can I still drag *.swf files from Finder into a Safari window and have it run?
 

eoblaed

macrumors 68030
Apr 21, 2010
2,972
3,033
A complete noob question but: can I still drag *.swf files from Finder into a Safari window and have it run?

I don't see how this would affect that capability. It just means that the .swf you drag in there will be running in a sandbox with limited access to the 'outside' as described.
 

stiligFox

macrumors 65816
Apr 24, 2009
1,480
1,319
10.0.1.3
I don't see how this would affect that capability. It just means that the .swf you drag in there will be running in a sandbox with limited access to the 'outside' as described.

Oh I see -- this doesn't limit what flash files can be run, just what those files can do when running. Got it, thank you!
 

Rocketman

macrumors 603
If Apple is so concerned about legacy systems, why is my 2006 Mac Pro excluded from Mavericks support???
Because you adopted trailing edge technology? Just kidding! Obviously they had to draw a line somewhere for hardware capability and OS level. They didn't support my Tiger system, or even do a security and Java update for it as I think they should.

I suspect we will see an entire thread of folks proving Mavericks runs just fine on "unsupported" systems.

Rocketman
 

spatlese44

macrumors 6502
Dec 13, 2007
460
107
Milwaukee
It doesn't matter what version of OS X you've got at the moment.

My ancient white MacBook I bought in 2006 won't run it, despite the fact it's got Snow Leopard on it and my Mac Pro 1,1 bought in 2007 won't run it either despite the fact I've got Lion on it at the moment. Both machines are incapable of running Mavericks so it's the hardware that dictates what you can run, not what version of OS X you've got at the moment.

Do you think I over-reacted? Perhaps I should get out more? :D

Actually, I think it does matter what version of OS X you've got. There was no App Store prior to Snow Leopard. I learned this the hard way trying to upgrade someone to Lion and couldn't. Ironically, by that point I couldn't buy a copy of Snow Leopard at the Apple store I went to.

And BTW, I have an ancient white MacBook from 2006 also. I don't think of it as that 'ancient', but it is getting a little dated. Given the relatively static processing demands web browsing and text editing place on a computer, I can hardly say it will ever be truly outdated. My i7 Ive Bridge Mac Mini is faster, but I wouldn't say it's a game changer. That said, what argument will any of us have in six years from now to say that a 2013 Mac is 'ancient'? 4k display graphics capabilities would seem to be the final hurdle and I'm not sure what more is after that. Smaller?
 

iKen1

macrumors member
Oct 16, 2012
81
34
If Apple is so concerned about legacy systems, why is my 2006 Mac Pro excluded from Mavericks support???

Because it only has a 32bit boot ROM and thus cannot work a 64bit system. The ROM is also too small for the 64bit version to be installed.
 

Parasprite

macrumors 68000
Mar 5, 2013
1,698
144
That said, what argument will any of us have in six years from now to say that a 2013 Mac is 'ancient'?

For me, when it becomes insufficient for web browsing. However, the increasing complexity of websites has tapered off in recent years in part due to better hardware, but also due to the massive improvements in efficiency that modern web browsers have made. If I can't at least use it as a quick internet kiosk, it's usefulness is limited for me.

That being said, my 1st gen MacBook Air was insufficient to browse the web in 2008, so maybe it isn't the best indicator of obsolescence.
 
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.