Adobe has announced that they are using the new Apple App Sandbox feature to restrict malicious code from running outside of Safari in OS X Mavericks. Adobe has worked with Google, Microsoft, and Mozilla for deploying sandboxes for their browsers. Flash Player will now be protected by an OS X App Sandbox.
“For the technically minded, this means that there is a specific com.macromedia.Flash Player.plugin.sb file defining the security permissions for Flash Player when it runs within the sandboxed plugin process. As you might expect, Flash Player?s capabilities to read and write files will be limited to only those locations it needs to function properly. The sandbox also limits Flash Player?s local connections to device resources and inter-process communication (IPC) channels. Finally, the sandbox limits Flash Player?s networking privileges to prevent unnecessary connection capabilities,” said Adobe in a blog post.