 |
 | Firefox security add-ons |  |
|
Steven
Guest
|
|
Do I need extra add on like "Better privacy" if running FF sandboxed?
Do flash cookies by-pass Sanboxie? Thanks. |
|||||||||||
|
|||||||||||||
 |
| |
|
Guest10
|
|
Flash-cookies (Local Shared Objects, LSO) are never saved out of the sandbox, but will be deleted when the contents of the sandbox is deleted.
However, any that you might pick up when not running sandboxed, and are already stored outside of the sandbox, will be readable by the sandboxed program when it runs. There's a control panel at: http://www.macromedia.com/support/documentation/en/flashplayer/help/settings_manager02.html that allows you to delete these cookies (outside of the sandbox), but each time that you update Flash your settings may go back to the defaults. Use this control panel when unsandboxed, because your settings must be saved outside of the sandbox. I believe, at: %APPDATA%\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\ In addition, when unsandboxed : recent versions of Firefox, Safari, and Google Chrome treat these cookies the same as any other cookies, and can delete them. The privacy modes of Internet Explorer, Mozilla Firefox, Google Chrome, and Safari are supported by Flash. Local shared objects created in privacy mode are discarded at the end of the session. Those created in a regular session are also not accessible when in privacy mode. If it wasn't possible to delete existing LSO cookies that are outside of the sandbox, you could still hide those cookies when using a sandboxed browser, using Sandboxie's "Write-Only Access" setting for the folder where they are stored. I think that folder would be: %APPDATA%\Macromedia\Flash Player\#SharedObjects\ When sandboxed, there's no need to do anything to the cookies that are stored in the corresponding folder that's inside the sandbox, because Delete Contents of the sandbox will delete any cookies that are saved there. |
|||||||||||
|
_________________ Paul XP Pro SP3 (Admin rights), Zone Alarm Pro Firewall, Malwarebytes Pro, Firefox 21, Thunderbird 17
|
|||||||||||||
|
| Firefox security add-ons | |
|
Steven
Guest
|
|
Allowing "plugin-container.exe" or FlashPlayerPlugin.exe to run in restrictions, doesn't that allow flash cookies to be saved outside of the sandbox?
I have already set Flash control panel "block sites from storing information" Thank you. |
|||||||||||
|
|||||||||||||
|
| Re: Firefox security add-ons | |
|
Guest10
|
|
%APPDATA%\Macromedia\Flash Player\#SharedObjects\ would need to be specified in a Direct Access setting for firefox.exe. That's not a default setting, so you aren't likely to do that. The cookies will only exist inside the sandbox, at: C:\Sandbox\(user name)\(sandbox name)\user\current\Application Data\Macromedia\Flash Player\#SharedObjects\ (that's on XP. On other Windows versions it might be slightly different) After my latest Flash update I visited the control panel mentioned above. My settings there had been changed by the update. |
|||||||||||||
|
|||||||||||||||
|
 | Firefox security add-ons | |
|
||
Use the RSS feed to watch this topic for replies |
|
|