flex-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From OmPrakash Muppirala <bigosma...@gmail.com>
Subject Re: Deploying Flex apps to Flash-unfriendly intranets
Date Tue, 09 Apr 2013 18:35:57 GMT
On Tue, Apr 9, 2013 at 8:18 AM, Russell Warren <russ@perspexis.com> wrote:

> When deploying Flex applications on a company intranet, how are people
> dealing with IT departments who don't want Flash installed on any corporate
> machines for security issues (or whatever excuse they may have)?
> A nice and clean answer would be to have some easily implementable way to
> have a global policy that restricts the flash player to only run content
> from a whitelisted set of domains (intranet, trusted external sites, etc).
>  Is this possible?
> This must be fairly common for behind-the-firewall Flex apps, but I'm
> unable to find any solutions so far.  What are people doing?
> Russ

There are a few decent admin guides for Flash Player available here: [1],
[2], [3]  These documents also have links to quite a few resources
regarding security, sandboxes, settings admin, etc.  I think these should
help a lot.

But I have definitely seen clients who don't want to upgrade Flash Player
at a given point for various reasons.  The best argument against this would
be that newer flash players have important security bug fixes.  Here is a
security bulletin listing important fixes for FP vulnerabilities [4]  Be
careful with this argument though, it could cut both ways :-)


[4] http://www.adobe.com/support/security/#flashplayer

  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message