Though AIR leverages existing Web development skills such as Flex, Flash, HTML, and Ajax to build rich Internet applications that run on the desktop, it is a platform that introduces several features that require special attention. This chapter discusses the added trust that must be placed in someone developing AIR applications that have full access to a user's machine.
This chapter will focus on the security model in AIR along with topics that will get you started developing AIR applications like the application properties used to set initial values for appearance and location of an AIR application.
The AIR security model differs from browser-based Internet application security models. AIR applications are granted the privileges of desktop applications and are capable of performing tasks such as reading and writing to the filesystem, placing icons in operating system menus like the Windows taskbar, and creating operating system windows in which to run.
The increased range of functionality granted to desktop applications requires an increased level of security when developing an application and also demands a higher level of trust between the user and the developer of an application. By installing an application, a user entrusts that a developer does not take advantage of his access to the desktop.
Because AIR has access to the local filesystem, it is important that an AIR application only grant the ability to read or ...