In order to reach the filesystem or hardware devices, the sandboxed process will have to go through the OS broker process, which is designed to strictly limit access.
It will also be encumbered with a number of job restrictions that will further limit its access. The main Flash process will be run at a “low integrity” level, which will prevent it from writing to the user’s profile, manipulating the registry, or sending messages to higher integrity processes. The Flash plugin will operate in three separate processes, one that interacts with the browser, one that does the bulk of the Flash execution, and one that mediates control of underlying operating system features. The sandboxing takes advantage of native security features that Microsoft built into Windows Vista and Windows 7. Adobe has worked with Mozilla to bring that feature to Firefox on Windows. In some browsers, such as Chrome, the plugin is sandboxed on Windows to prevent it from accessing sensitive platform functionality. Most browsers already implement process isolation for plugins in order to prevent Flash crashes from taking down the whole application. Adobe and browser vendors have been working to make it harder to exploit by isolating the plugin and working to ensure that users have easier access to the latest version.
The most significant of those changes is the introduction of sandboxing on the Windows platform.ĭue to the frequent discovery of Flash vulnerabilities and the relative ubiquity of the plugin, Flash is one of the most heavily-exploited pieces of software. Several changes that Adobe made in Flash 11.3 aim to boost the browser plugin’s security and reduce its susceptibility to attacks.
0 kommentar(er)
