On 16/07/15 03:48 PM, Natu wrote:
On 07/16/2015 05:10 AM, Ben Oliver wrote:
I have to agree with Ralf, you will be fine.
I have been flash-free for 18 months now and it's going absolutely fine. Unless you have a penchant for flash games, there's very little reason to have it installed any more.
I totally support phasing out flash, however, I run firefox inside a docker container and then I don't have to worry about these security issues since I disgard the running container and reload from the saved image daily.
You do have to worry unless you don't care about it someone grabbing all of your active login sessions (cookies), all of the entered form data, etc. There's a reason for browser sandboxes being per-site-instance instead of trying to wrap the browser as a whole. Most of the information the attackers want is in the web browser, or can be obtained there by grabbing passwords and other information like credit card numbers as they're entered.
Anyway, local privilege exploits in the Linux kernel are as common as remote Flash exploits. Docker exposes nearly the entire Linux kernel attack surface to code in the container. It's not much of a sandbox.