Throughout this chapter, we've seen plenty of ways in which Flash Player's security system restricts a .swf file's access to foreign resources. Now let's examine how, in some cases, a resource distributor can use distributor permissions to override those restrictions.
Recall that a "resource distributor" is the party that delivers a resource from a given remote region. For example, a web site administrator and a socket-server administrator are both resource distributors.
As the party responsible for a given remote region's resources, a resource distributor can grant .swf files from foreign origins access to those resources. To grant .swf files access to a given set of resources, a resource distributor uses a special permission mechanism known as a policy file. A policy file is a simple XML document that contains a list of trusted .swf file origins. In general terms, a policy file gives .swf files from its list of trusted origins access to resources that would otherwise be inaccessible due to Flash Player's security restrictions.
The types of operations a policy file can potentially authorize are:
Accessing content as data
Connecting to a socket
Import loading (discussed separately in the later section "Import Loading")
A policy file cannot authorize cross-scripting operations. For information on authorizing cross-scripting, see the section "Creator Permissions (allowDomain( ))."
Typically, policy files are used to enable interoperation ...