It was asked to us to host a crossdomain.xml file in our servers in order to access some XML files we have developed. The content of this file is:
<cross-domain-policy>
<allow-access-from domain="*" to-ports="*"/>
</cross-domain-policy>
Is it OK?
Well that lets any flash app from any port load XML data from your domain.
That being said, you do need to set a bunch of other data in order for it to be a valid cross-domain policy file (there were new required elements added with FP9)
Here's the full spec for cross-domain policies: http://www.adobe.com/devnet/articles/crossdomain%5Fpolicy%5Ffile%5Fspec.html
You can find all of the most recent security recommendations for cross-domain policy files (and everything else concerning the Flash Player) here: http://www.adobe.com/devnet/flashplayer/articles/flash%5Fplayer10%5Fsecurity%5Fwp.html
This will allow flash content hosted from anywhere to load data directly into a client from your services, and can have significant security implications, depending on your authentication model and setup.