Configuring client security settings
Some security control features in Flash Player target user choices, and some target the modern corporate and enterprise environments, such as when the IT department would like to install Flash Player across the enterprise but has concerns about IT security and privacy. To help address these types of requirements, Flash Player provides various installation-time configuration choices. For example, some corporations do not want Flash Player to have access to the computer's audio and video hardware; other environments do not want Flash Player to have any read or write access to the local file system.
Three groups can make security choices: the application author (using developer controls), the administrative user (using administrator controls), and the local user (with user controls).
About the mm.cfg file
You configure the debugger version of Flash Player by using the settings in the mm.cfg text file. You must create this file when you first configure the debugger version of Flash Player.
The settings in this file let you enable or disable trace() logging, set the location of the trace() file's output, and configure client-side error and warning logging.
For more information, see Configuring the debugger version of Flash Player.
About the mms.cfg file
The primary purpose for the Macromedia® Security Configuration file (mms.cfg) is to support the corporate and enterprise environments where the IT department wants to install Flash Player across the enterprise, while enforcing some common global security and privacy settings (supported with installation-time configuration choices).
On operating systems that support the concept of user security levels, the file is flagged as requiring system administrator (or root) permissions to modify or delete it. The following table shows the location of the mms.cfg, depending on the operating system:
|
Operating System |
Location of mms.cfg file |
|---|---|
|
Macintosh OS X |
/Library/Application Support/Macromedia |
|
Windows XP/Vista |
C:\WINDOWS\system32\Macromed\Flash |
|
Windows 2000 |
C:\WINNT\System32\Macromed\Flash |
|
Windows 95/98/ME |
C:\WINDOWS\System\Macromed\Flash |
|
Linux |
/etc/adobe |
You can use this file to configure security settings that deal with data loading, privacy, and local file access. The settings include:
- FileDownloadDisable
- FileUploadDisable
- LocalStorageLimit
- AVHardwareDisable
For a complete list of options and their descriptions, see http://www.adobe.com/devnet/flashplayer/articles/flash_player_8_security.pdf.