Understanding the Flash Player's security model is essential when building Flex-based rich Internet applications (RIAs). The security model dictates how your application interacts with the environment around it, both the local client machine and any servers that you may be accessing data from. The focus of this chapter is to explain the Flash Player's security model as it pertains to Flex applications.
When speaking of the security model, we don't mean authentication against a server or application-level security. We are actually referring to the security levels of the Flash Player and what resources it can access.
It is easiest to think of a security sandbox this in the context of a web browser. No web pages that are loaded in the browser can automatically access resources or scripts on the local machine. They also cannot load and invoke scripts or data directly from other servers, although you can load images from other servers. You can load other web pages in
Frame elements; however, each frame has its own sandbox.
In general, a security sandbox is a mechanism that allows you to execute programs in a controlled manner. The sandbox defines and controls what resources you can and cannot access. In the case of the Flash player, this controls whether or not you can access data or media files from remote servers or the local filesystem.
By default, each Flex application instance has its ...