Thursday, January 21, 2010

How to secure plugins in Chrome

Google Chrome has the capability to run its plugins in its sandbox. However that option is not enabled by default. Personally I don't agree with this choice but read the disclaimer about how that's not the opinion of my employer.

I strongly recommend using the safe-plugins option for Chrome. Here's instructions on how to create a shortcut for a "safe chrome" on Windows:

  • Copy the launcher icon (from the desktop, taskbar, or start menu)
  • Paste it on the desktop, rename it if you wish.
  • Right-click on the new icon, select "Properties"
  • Change the target so it ends like this:
    • ...\Application\chrome.exe" --safe-plugins