Do AIR applications run in a trusted sandbox?

I have an AIR application that is packaged with a network appliance and that is used to configure that network appliance...much like a the embedded webservers on home routers except this is an installed AIR app.

If I want to communicate with the appliance on a port higher that 1024, do I need that appliance to serve up a socket policy file or is AIR considered a trusted sandbox. All the info I find relates to F开发者_JAVA技巧lash Player and the web, but this particular AIR app is communicating in a closed environment.

From: http://help.adobe.com/en_US/AIR/1.5/devappsflex/devappsflex.pdf

There's a whole chapter on AIR and Sandboxes, starting at page 75

AIR provides a comprehensive security architecture that defines permissions accordingly to each file in an AIR application, both internal and external. Permissions are granted to files according to their origin, and are assigned into logical security groupings called sandboxes.