Week 23 contribution of PDK documentation content. See release notes for details. Fixes bugs Bug 2714, Bug 462.
<?xml version="1.0" encoding="utf-8"?>+ −
<!-- Copyright (c) 2007-2010 Nokia Corporation and/or its subsidiary(-ies) All rights reserved. -->+ −
<!-- This component and the accompanying materials are made available under the terms of the License + −
"Eclipse Public License v1.0" which accompanies this distribution, + −
and is available at the URL "http://www.eclipse.org/legal/epl-v10.html". -->+ −
<!-- Initial Contributors:+ −
Nokia Corporation - initial contribution.+ −
Contributors: + −
-->+ −
<!DOCTYPE concept+ −
PUBLIC "-//OASIS//DTD DITA Concept//EN" "concept.dtd">+ −
<concept id="GUID-6971B0A2-F79B-4E05-8AF3-BB1FC1932A22" xml:lang="en"><title>Capabilities</title><prolog><metadata><keywords/></metadata></prolog><conbody>+ −
<p>Capabilities allow the Symbian platform to control access by applications+ −
to the functionalities provided by the platform APIs. Access to capabilities+ −
is determined by the device configuration and how the application has been+ −
signed. Capabilities can be divided into four categories:</p>+ −
<ul>+ −
<li><p><i>user capabilities</i>: <xref href="http://wiki.forum.nokia.com/index.php/LocalServices" scope="external"><codeph>LocalServices</codeph></xref>, <xref href="http://wiki.forum.nokia.com/index.php/NetworkServices" scope="external"><codeph>NetworkServices</codeph></xref>, <xref href="http://wiki.forum.nokia.com/index.php/ReadUserData" scope="external"><codeph>ReadUserData</codeph></xref>, <xref href="http://wiki.forum.nokia.com/index.php/WriteUserData" scope="external"><codeph>WriteUserData</codeph></xref>, <xref href="http://wiki.forum.nokia.com/index.php/UserEnvironment" scope="external"><codeph>UserEnvironment</codeph></xref> and, <xref href="http://wiki.forum.nokia.com/index.php/Location" scope="external"><codeph>Location</codeph></xref></p>+ −
</li>+ −
<li><p><i>system capabilities</i>: <xref href="http://wiki.forum.nokia.com/index.php/PowerMgmt" scope="external"><codeph>PowerMgmt</codeph></xref>, <xref href="http://wiki.forum.nokia.com/index.php/ProtServ" scope="external"><codeph>ProtServ</codeph></xref>, <xref href="http://wiki.forum.nokia.com/index.php/ReadDeviceData" scope="external"><codeph>ReadDeviceData</codeph></xref>, <xref href="http://wiki.forum.nokia.com/index.php/SurroundingsDD" scope="external"><codeph>SurroundingsDD</codeph></xref>, <xref href="http://wiki.forum.nokia.com/index.php/SwEvent" scope="external"><codeph>SwEvent</codeph></xref>, <xref href="http://wiki.forum.nokia.com/index.php/TrustedUI" scope="external"><codeph>TrustedUI</codeph></xref>, <xref href="http://wiki.forum.nokia.com/index.php/WriteDeviceData" scope="external"><codeph>WriteDeviceData</codeph></xref></p>+ −
</li>+ −
<li><p><i>restricted capabilities</i>: <xref href="http://wiki.forum.nokia.com/index.php/CommDD" scope="external"><codeph>CommDD</codeph></xref>, <xref href="http://wiki.forum.nokia.com/index.php/DiskAdmin" scope="external"><codeph>DiskAdmin</codeph></xref>, <xref href="http://wiki.forum.nokia.com/index.php/MultimediaDD" scope="external"><codeph>MultimediaDD</codeph></xref> and <xref href="http://wiki.forum.nokia.com/index.php/NetworkControl" scope="external"><codeph>NetworkControl</codeph></xref></p>+ −
</li>+ −
<li><p><i>device manufacturer capabilitie</i>s: <xref href="http://wiki.forum.nokia.com/index.php/AllFiles" scope="external"><codeph>AllFiles</codeph></xref>, <xref href="http://wiki.forum.nokia.com/index.php/DRM" scope="external"><codeph>DRM</codeph></xref> and <xref href="http://wiki.forum.nokia.com/index.php/Trusted_Computing_Base_%28TCB%29" scope="external"><codeph>TCB</codeph></xref></p>+ −
</li>+ −
</ul>+ −
<p>Capabilities required by the application are defined in the <codeph>mmp</codeph> project+ −
definition file during the build process, and cannot be changed during run+ −
time. For information on the parameters you can use, see <xref href="GUID-96C007D1-9AA0-57DC-A6DC-8B6E5A2DF644.dita">capability</xref>.+ −
Carbide.c++ has a Capability Scanner tool which can be accessed through the <b>Project+ −
> Run Capability Scanner on Project MMP</b> menu. The tool scans and checks+ −
the project for required capabilities.</p>+ −
<p>During the installation the <xref href="GUID-1293DE8C-E803-4ADF-9FA8-862519337331.dita">Software+ −
Installer</xref> application in the device checks whether the application+ −
has been certified or signed. It then checks the capabilities requested by+ −
the application. If the application has been certified, it checks that the+ −
root certificate is allowed to grant the required capabilities. If no problems+ −
are encountered, the installation can continue. For information on certifications+ −
required by the capabilities, see <xref href="GUID-B9414AE8-820E-4CA5-A9C4-29560CD6F2EF.dita">Application+ −
signing</xref>.</p>+ −
<p>The user can grant the <i>user capabilities</i> to a self-signed application.+ −
For example, the following dialog is shown to the user to grant the <codeph>LocalServices</codeph> capability:</p>+ −
<fig id="GUID-5FCD68FB-BB79-48E0-B438-E8BFAD37331D"><title>Granting LocalServices capability during the installation</title><image href="GUID-08152DC3-2A5D-42AC-B722-3D49275FE548_d0e14596_href.png"/></fig>+ −
<section id="GUID-DD22FF50-BE6F-4929-85BA-EAF3481EA2BD"><title>dll capabilities</title>+ −
<p>A <codeph>dll</codeph> must have equal or greater set of capabilities+ −
than the loading process, otherwise the process is not allowed to load the <codeph>dll</codeph>.+ −
Once loaded, a <codeph>dll</codeph> runs at the capability level of the loading+ −
process. A <codeph>dll</codeph> that has a higher capability set than the+ −
loading process cannot leak capabilities to the process, but a process can+ −
leak capabilities to the <codeph>dll</codeph>.</p>+ −
<p>For more information, see <xref href="http://wiki.forum.nokia.com/index.php/TSS000454_-_DLL_capability_model_in_a_secure_platform" scope="external">DLL+ −
capability model in a secure platform</xref> (TSS000454) in the Forum Nokia+ −
Knowledge Base.</p>+ −
</section>+ −
</conbody></concept>+ −