
Flash: can I forbid ExternalInterface access to loaded SWF?

We have a Flash app (AS3). This is a desktop application that runs in our own projector. No AIR. The projector is written in C++. The projector gives the Flash part indirect access to the Windows API via ExternalInterface.

Now we want to let our community create plugins. Just to let them make a small animated picture with a bit of ActionScript 3.

A plugin is going to be loaded as external .swf file at runtime. And, of course, we would like our users to distribute the plugins on the net.

But, we have a security concern. What if some bad person would take advantage of the indirect access to Win API?

I have made a small test. A child .swf loaded into the program tries to call ExternalInterface methods. It turned out the child.swf was able to do this. So every .swf file loaded into our program will automatically have access to Win API.

Downloading plugins for our program becomes as dangerous as an .exe file.

Can we forbid ExternalInterface access to the loaded .swf? If not, how would you implement a plugin system in AS3 with security in mind?

I would appreciate any tips that can help.

Pavel asked Nov 14 '22 09:11


1 Answer

Well, I don't know of any explicit methods in AS3. But here is what I propose:

  • Before WinAPI is accessed, let there be a callback to the main SWF to authorize the request.

  • If the request is made by the main SWF then the authorization should be a success.

  • If the child SWF makes the request, the main SWF shall deny the request.


EDIT

The child swf may not really override the main swf call. If it does, you may actually override it back from the main. Besides, isn't the ExternalInterface for the child the main swf?

Either way, it would be hard for the plugin writer to know even the signature of the authentication function unless you share it.

loxxy answered Jan 18 '23 12:01
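
One way to place the authorization step from the answer above in the C++ projector, as an added example that is not part of the original answer or the asker's code: the host issues a per-session token to the main SWF and refuses any bridge request that lacks it or names a method outside an allowlist. `BridgeGate`, the method names and the token hand-off are hypothetical, and the example assumes plugin code cannot read the token the main SWF holds.

```cpp
// Added example: host-side gate for ExternalInterface requests (all names hypothetical).
#include <cstddef>
#include <cstdio>
#include <random>
#include <set>
#include <string>
#include <utility>

class BridgeGate {
public:
    // allowed: the only bridge methods the projector will ever dispatch.
    explicit BridgeGate(std::set<std::string> allowed)
        : allowed_(std::move(allowed)), token_(make_token()) {}

    // Assumption: handed once to the main SWF at startup, before any plugin is loaded.
    const std::string& session_token() const { return token_; }

    // Called by the projector before it touches the Windows API.
    bool authorize(const std::string& method, const std::string& presented) const {
        if (!same(presented, token_)) return false;  // caller is not the main SWF
        return allowed_.count(method) != 0;          // unknown methods are denied by default
    }

private:
    static std::string make_token() {
        static const char hex[] = "0123456789abcdef";
        std::random_device rd;  // assumption: backed by the OS CSPRNG on this platform
        std::string t;
        for (int i = 0; i < 32; ++i) t += hex[rd() & 0xF];
        return t;
    }
    // Length-checked comparison with no early exit on the first differing byte.
    static bool same(const std::string& a, const std::string& b) {
        if (a.size() != b.size()) return false;
        unsigned char diff = 0;
        for (std::size_t i = 0; i < a.size(); ++i)
            diff |= static_cast<unsigned char>(a[i] ^ b[i]);
        return diff == 0;
    }
    std::set<std::string> allowed_;
    std::string token_;
};

int main() {
    BridgeGate gate({"saveSettings", "openHelp"});  // constructed method names
    std::printf("main SWF: %d\n", gate.authorize("saveSettings", gate.session_token()));
    std::printf("plugin:   %d\n", gate.authorize("saveSettings", ""));
    return 0;
}
```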