The sandbox has been introduced into the roughest version of Chrome -- the "dev" build -- and is currently available only on the Windows edition of Google's browser.
[ The Web browser is your portal to the world -- as well as the conduit that lets in many security threats. InfoWorld's expert contributors show you how to secure your Web browsers in this "Web Browser Security Deep Dive" PDF guide. ]
A "sandbox" isolates processes on the computer, preventing or at least hindering malware from escaping an application to wreak havoc on the machine.
Flash has become a very popular target for hackers, who have regularly exploited its vulnerabilities this year. Adobe has had to patch Flash five times since January, and in several cases had to issue emergency fixes to stymie ongoing attacks.
Apple, which has been squabbling with Adobe over Flash since the 2007 introduction of the iPhone, recently yanked the software from its newest MacBook Air, and plans to eliminate it from future machines as well. It cited security as the reason for dropping Flash from its Mac OS X operating system.
Google took a different tack: It worked with Adobe to craft a sandbox that shelters Flash Player.
"There was a lot of work on both sides," said Peleus Uhley, Adobe's platform security strategist, in a Wednesday interview. "The interfaces to open-source browsers are completely different from, say, Internet Explorer, and we had to restructure Flash Player to put it in a sandbox."
"The Flash Player sandbox is specifically designed around Flash's processes and functionality to protect certain sensitive resources from being accessed by malicious code, while allowing the use of less sensitive ones," said Google's Chrome team in an e-mail reply to Computerworld's questions Wednesday.
Specifically, Google's and Adobe's engineers partnered to build a "broker" process, which decides which functions Flash can conduct outside the sandbox, and mediates requests between the plug-in and the rest of the browser, as well as the operating system.
"This restricts the ability of malicious code that may be running in Flash Player to compromise sensitive system resources," Google explained.