4.4.1 Privileged locations
The most common way to assign trust to files, folders, and hosts is via
privileged locations
.
4.4.2 Internet Access
There are two ways to control internet access:
• The Trust Manager's Internet Access settings allow you to
trust
individual web-based files,
directories, and specific hosts (wildcards are supported).
•
8.1 Internet access
settings in the Trust Manager support both global and granular trust of all or
specific URLs.
4.4.3 Certificate trust
When enhanced security is on, a certified document can bypass its restrictions if the following conditions
are true:
• The document is certified; that is, the first signature in the document is a certification signature.
• The certification signature is valid.
• The document recipient has specifically trusted the signer's certificate for privileged network
operations.
Configure certificate trust as described in
9.4 Per-certificate trust
.
Setting certificate trust
4.4.4 xdomain policy files
Enhanced security's cross domain restrictions can also be bypassed and managed at the server.
Managing cross domain access at the server
Clients have the capability of automatically detecting and using crossdomain.xml policy files to access
content from a different origin. Administrators can configure the policy file as needed so that clients can
access trusted content. For more information, see the
Cross Domain Policy File Specification
.
Enabling cross domain access for specific PDFs
Application Security Guide
Section 4 Enhanced Security
Section 4 Enhanced Security
Page 25
