Manualshelf

User Guide

ManualsBrandsMacromedia ManualsOtherFLEX 2-PROGRAMMING ACTIONSCRIPT 3.0
451452453454455456457458459460
454 Flash Player Security
The Global Flash Player Trust directory
Administrative users and installer applications can register specified local SWF files as trusted.
These SWF files are assigned to the local-trusted sandbox. They can interact with any other
SWF files, and they can load data from anywhere, remote or local. Files are designated as
trusted in the Global Flash Player Trust directory, which is in the same directory as the
mms.cfg file, in the following locations (locations are specific to the current user):
Windows: system\Macromed\Flash\FlashPlayerTrust
(for example, C:\windows\system32\Macromed\Flash\FlashPlayerTrust)
Mac: app support/Macromedia/FlashPlayerTrust
(for example, /Library/Application Support/Macromedia/FlashPlayerTrust)
The Flash Player Trust directory can contain any number of text files, each of which lists
trusted paths, with one path per line. Each path can be an individual SWF file, HTML file, or
directory. Comment lines begin with the
# symbol. For example, a Flash Player trust
configuration file containing the following text grants trusted status to all files in the specified
directory and all subdirectories:
# Trust files in the following directories:
C:\Documents and Settings\All Users\Documents\SampleApp
The paths listed in a trust configuration file should always be local paths or SMB network
paths. Any HTTP path in a trust configuration file is ignored; only local files can be trusted.
To avoid conflicts, give each trust configuration file a filename corresponding to the installing
application, and use a .cfg file extension.
As a developer distributing a locally run SWF file through an installer application, you can
have the installer application add a configuration file to the Global Flash Player Trust
directory, granting full privileges to the file that you are distributing. The installer application
must be run by a user with administrative rights. Unlike the mms.cfg file, the Global Flash
Player Trust directory is included for the purpose of installer applications granting trust
permissions. Both administrative users and installer applications can designate trusted local
applications using the Global Flash Player Trust directory.
There are also Flash Player Trust directories for individual users (see the next section, “User
controls).
User controls
Flash Player provides three different user-level mechanisms for setting permissions: the
Settings UI, the Settings Manager, and the User Flash Player Trust directory.