Over the remainder of this chapter, we'll study specific operations and specific security limitations in precise detail. When describing security rules, this book is careful not to generalize at the expense of the accuracy because security generalizations are often the source of frustrating misconceptions. During your study of Flash Player security, you should likewise be wary of forming overly general impressions. Be mindful that when documentation or third-party resources generalize about Flash Player security, they could be underemphasizing important exceptions. For example, the following statement is mostly true, and, therefore, makes a tempting generalization:
A .swf file whose security-sandbox-type is local-with-filesystem has full access to the local realm.
However, there are many notable exceptions to that statement, including:
local-with-filesystem.swf files cannot connect to sockets.
local-with-filesystem.swf files cannot load local-with-networking .swf files.
local-with-filesystem.swf files cannot access the data of local-trusted .swf files without creator permissions.
Accessing the user's camera and microphone requires the user's permission.
Users can disable or limit any .swf file's ability to store data in local shared objects.
In order to avoid confusion, when you face a security issue in your development, always focus on specifics. Determine the specific operation you wish to perform, this security-sandbox-type of your .swf file, ...