Flash security daemon.
When dealing with Adobe Flash applets or Adobe AIR applications that access data via a Socket or XMLSocket object, the server providing the data needs to authorize the accessing applet or application to access the data. This is a security feature integrated by Adobe in their Flash player 7 and made mandatory with version 18.104.22.168. The Flash security daemon is a very small, configurable server written in ANSI C, that offers this authorization.
To strengthen security, Adobe has integrated a method into their Flash player 7 to ensure, data cannot be accessed by non authorized flash applets. Before version 7 it was possible to create a Flash applet that accesses data from foreign domains without proper authorization. This behaviour often caused a lot of headache withing companies that provide data like stock information, weather reports, etc. because everyone could access the data they provide.
When invoking a connection with an ActionScript Socket or XMLSocket object, the Flash Player automatically (and you cannot omit this) tries to connect to TCP port 843 on the server you configured the Socket or XMLSocket to and sends a
< policy-file-request/ >
to this port. If this request is not being answered correctly or if this port is unreachable, a security sandbox violation is raised and the connection to the service is not being established.
To get further information about these issues, please find information on the Adobe Developer Center inside this document.
As ZaKoTel started with developing Flash applets, we found it not suitable, that only Java-based data services were available to fulfill this task. So we decided to create a small configurable C server, that can also be used on Java-free servers and is licensed under the terms of the GNU GPLv2.