flex-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From OmPrakash Muppirala <bigosma...@gmail.com>
Subject Re: Deploying Flex apps to Flash-unfriendly intranets
Date Tue, 09 Apr 2013 18:35:57 GMT
On Tue, Apr 9, 2013 at 8:18 AM, Russell Warren <russ@perspexis.com> wrote:

> When deploying Flex applications on a company intranet, how are people
> dealing with IT departments who don't want Flash installed on any corporate
> machines for security issues (or whatever excuse they may have)?
>
> A nice and clean answer would be to have some easily implementable way to
> have a global policy that restricts the flash player to only run content
> from a whitelisted set of domains (intranet, trusted external sites, etc).
>  Is this possible?
>
> This must be fairly common for behind-the-firewall Flex apps, but I'm
> unable to find any solutions so far.  What are people doing?
>
> Russ
>

There are a few decent admin guides for Flash Player available here: [1],
[2], [3]  These documents also have links to quite a few resources
regarding security, sandboxes, settings admin, etc.  I think these should
help a lot.

But I have definitely seen clients who don't want to upgrade Flash Player
at a given point for various reasons.  The best argument against this would
be that newer flash players have important security bug fixes.  Here is a
security bulletin listing important fixes for FP vulnerabilities [4]  Be
careful with this argument though, it could cut both ways :-)

Thanks,
Om

[1]
http://wwwimages.adobe.com/www.adobe.com/content/dam/Adobe/en/devnet/flashplayer/pdfs/flash_player_11_5_admin_guide.pdf
[2]
http://wwwimages.adobe.com/www.adobe.com/content/dam/Adobe/en/devnet/flashplayer/pdfs/flash_player_windows8_admin_guide.pdf
[3]
http://helpx.adobe.com/flash-player/kb/administration-configure-auto-update-notification.html
[4] http://www.adobe.com/support/security/#flashplayer

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message