Applications running in a web browser have only limited
interaction with the user's local file system. Web browsers implement
security policies that ensure that a user's computer cannot be compromised
as a result of loading web content. For example, SWF files running
through Flash Player in a browser cannot directly interact with
files already on a user's computer. Shared objects can be written
to a user's computer for the purpose of maintaining user preferences
and other data, but this is the limit of file system interaction.
Because AIR applications are natively installed, they have a different
security contract with the end user. This contract between the application
and the end user is made at install time just like native applications,
and it includes the capability for the application to read and write
across the local file system.
This freedom comes with a higher degree of responsibility for
developers. Accidental application security gaps jeopardize not
only the functionality of the application, but also the integrity
of the user’s computer. The developer documentation includes AIR
security information that addresses best practices.
Unless there are administrator restrictions applied to the user’s
computer, AIR applications are privileged to write to any location
on the user's hard drive. However, developers are encouraged to
use the user- and application-specific application storage directory
that the runtime provides for each application. The AIR API provides
convenient methods for developers to read and write data in the application
storage directory. The runtime also provides an encrypted local
data storage area unique to each application and user. This allows
applications to save and retrieve data that is stored on the user’s
local hard drive in an encrypted format that cannot be deciphered
by other applications or users. A separate encrypted local store
is used for each AIR application, and each AIR application uses
a separate encrypted local store for each user. Applications may
use the encrypted local store to store information that must be
secured, such as login credentials for web services. AIR uses DPAPI
on Windows and KeyChain on Mac OS to associate encrypted local stores
to each user. The encrypted local store uses AES-CBC 128-bit encryption.
In Adobe AIR 2, applications can open files with the default
application registered for the file type. For example, applications
can open an mp3 file with the default application used to open mp3
files. AIR prevents applications from opening files that contain
certain file types. These file types can potentially execute code
when opened. An example is an EXE file on Windows. The restricted
file types are listed in the
ActionScript 3.0 Reference for the Flash
Platform
. However, extended desktop AIR applications, which
are installed with native installers, can open files of any type.
(For information on extended desktop applications, see
Communicating with native processes
.)
