Re[2]: Process and Thread ID

we’ve found that this is done for what seems to be security reasons

(one process runs with a restricted token, while the other process runs with the user’s token.)

Pardon a little off-topic :slight_smile:

It IS a security reason. Not only does the spawned process run with a restricted token, but it also runs at a lower integrity level, which basically means it cannot open any file/registry key for write access (the default integrity level for each file/reg key is “medium”, but the secondary process runs with integrity level “low”).

Also Internet Explorer and Google Chrome use that technique, and I am sure that these three mentioned are not the only ones.

L.
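A constructed model of the integrity check described above, added here as an illustration; it is not code from the thread or from any product it mentions. The level values and policy bits are the real Windows mandatory-label SID RIDs and ACE mask bits; the object model and the `level_from_sid`/`mandatory_check` helpers are a simplification, not a Windows API.

```python
"""Model of the Windows mandatory integrity check described in the post.

Constructed example: the level values are the RIDs of the real mandatory
label SIDs (S-1-16-<rid>) and the policy bits are the real
SYSTEM_MANDATORY_LABEL_ACE mask bits; the object model is a simplification.
"""
from typing import Optional, Tuple

# Integrity levels, as the RID of the mandatory label SID S-1-16-<rid>.
LOW, MEDIUM, HIGH, SYSTEM = 0x1000, 0x2000, 0x3000, 0x4000
LEVEL_NAMES = {LOW: "low", MEDIUM: "medium", HIGH: "high", SYSTEM: "system"}

# Mandatory label ACE policy bits (SYSTEM_MANDATORY_LABEL_NO_*_UP).
NO_WRITE_UP, NO_READ_UP, NO_EXECUTE_UP = 0x1, 0x2, 0x4
POLICY_FOR_ACCESS = {"write": NO_WRITE_UP, "read": NO_READ_UP, "execute": NO_EXECUTE_UP}

# An object with no explicit label is treated as medium / no-write-up,
# which is why a low-integrity process cannot modify most files and keys.
DEFAULT_LABEL = (MEDIUM, NO_WRITE_UP)

Label = Optional[Tuple[int, int]]  # (level, policy bits) or None if unlabelled


def level_from_sid(sid: str) -> int:
    """Parse a mandatory label SID such as 'S-1-16-4096' (low) into its level."""
    prefix, _, rid = sid.rpartition("-")
    if prefix != "S-1-16":
        raise ValueError(f"not a mandatory label SID: {sid}")
    return int(rid)


def mandatory_check(subject_level: int, label: Label, access: str) -> bool:
    """True if the integrity check allows `access` ('read', 'write' or 'execute').

    Windows evaluates this before the DACL, so a DACL that grants the user
    write access does not help a subject whose level is below the label.
    """
    obj_level, policy = label if label is not None else DEFAULT_LABEL
    if subject_level >= obj_level:
        return True  # equal or higher level: MIC imposes no restriction
    return not (policy & POLICY_FOR_ACCESS[access])


if __name__ == "__main__":
    renderer = level_from_sid("S-1-16-4096")  # the sandboxed child process
    print(mandatory_check(renderer, None, "write"))  # False: default label is medium
    print(mandatory_check(renderer, None, "read"))   # True: no-read-up is not set
    print(mandatory_check(MEDIUM, None, "write"))    # True: same level as the object
```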


Internet Explorer (since 8.0) does it as well. The process starts and it spawns another process that uses a restricted user. The initial process does next to nothing while the restricted process is used to do all the rendering, handle the add-ons etc… That’s a smart way to increase security on a system where the user runs as admin. Look at your process list with Process Explorer and you will see the obvious differences between the parent IE and its child process.

Ladislav,
I wasn’t trying to imply that security sandboxing doesn’t work (it does) but rather that the Acrobat X use of it seems a bit questionable.
Tony
OSR

I know :slight_smile:

And, since PDF documents are the favorite “platform” for exploits these
days (IIRC over half of exploits in the wild target PDFs), Acrobat’s sandbox is actually a good idea.

L.

It’s really more of an overall Adobe thing than merely a PDF - don’t forget
flash. Between the two, that’s a huge percentage of exploits, not to
mention a huge percentage of all machines out there, of almost every
platform.

The details are to date sketchy and are also unsubstantiated, but at the
moment PDF has been implicated in the RSA hack.

That being said, what I find most remarkable is that up until very recently,
Adobe did very close to nothing about these problems, at least publicly, as
best as I can tell, and it’s not at all apparent that their business has
suffered, though I don’t really find that part surprising.

Mm
On Apr 6, 2011 6:00 PM, wrote:

Did you ever figure out this problem?

Tony
OSR