To allow a package to control its own Security Policy?

Hi can anyone tell me how to get around with this puzzle.
you need to
modify the global /web/conf/web.xml file
to ensure that those constraints don’t take precedence.Please exp me this in a bit detail.