diff -r 48780e181b38 -r 578be2adaf3e Symbian3/PDK/Source/GUID-9E4D75C0-D797-5541-8E52-3C6D154CC74A.dita
--- a/Symbian3/PDK/Source/GUID-9E4D75C0-D797-5541-8E52-3C6D154CC74A.dita	Tue Jul 20 12:00:49 2010 +0100
+++ b/Symbian3/PDK/Source/GUID-9E4D75C0-D797-5541-8E52-3C6D154CC74A.dita	Fri Aug 13 16:47:46 2010 +0100
@@ -1,87 +1,87 @@
-<?xml version="1.0" encoding="utf-8"?>
-<!-- Copyright (c) 2007-2010 Nokia Corporation and/or its subsidiary(-ies) All rights reserved. -->
-<!-- This component and the accompanying materials are made available under the terms of the License 
-"Eclipse Public License v1.0" which accompanies this distribution, 
-and is available at the URL "http://www.eclipse.org/legal/epl-v10.html". -->
-<!-- Initial Contributors:
-    Nokia Corporation - initial contribution.
-Contributors: 
--->
-<!DOCTYPE concept
-  PUBLIC "-//OASIS//DTD DITA Concept//EN" "concept.dtd">
-<concept id="GUID-9E4D75C0-D797-5541-8E52-3C6D154CC74A" xml:lang="en"><title>ECom
-and the Platform Security Architecture</title><prolog><metadata><keywords/></metadata></prolog><conbody>
-<p>The Symbian Platform Security Architecture is designed to provide defences
-against malicious or badly implemented code. The following aspects of platform
-security are particularly relevant to the ECom plug-in architecture: </p>
-<ul>
-<li id="GUID-299B3BF1-9A55-5CCC-AA77-49F4EBE07ABD"><p>The <i>platform security
-capability model</i>, which protects processes from loading and using DLLs
-that are less secure than the process itself. </p> </li>
-<li id="GUID-92E6F90B-EFE0-5026-AA61-1C068376C21C"><p>Control over software
-installation, so that insecure software cannot disrupt legitimately installed
-software. </p> </li>
-<li id="GUID-2DE8CE05-57EE-582F-80F8-BAEB82B38FAB"><p>Control over which processes
-have access to particular files. </p> </li>
-</ul>
-<p>For more information on the Platform Security Architecture, see <i>Symbian
-OS v9 Security Architecture</i> in the <xref href="GUID-9E4D75C0-D797-5541-8E52-3C6D154CC74A.dita">Platform
-security</xref> section. </p>
-<section><title>ECom and the platform security capability model</title> <p>The
-Platform Security Architecture protects processes against loading and using
-DLLs that are less secure than the processes themselves. This is done using
-platform security capabilities assigned to the process and the DLL. The rule
-applied is that the DLL must have the same or greater capabilities than the
-process in which it is loaded. </p> <p>With ECom, a plug-in is a DLL that
-is loaded into a client process when an interface implementation provided
-by that DLL is instantiated. If the plug-in DLL has lower capabilities than
-the loading process, then a "permission denied" (-46) error is returned. See <xref href="GUID-8A7B837D-4069-5364-A596-686EEBAE351D.dita">How to troubleshoot plug-in
-loading errors</xref> for details of how to investigate this error. </p> <p>Providers
-of plug-in DLLs must consider the following with respect to platform security
-capabilities: </p> <ul>
-<li id="GUID-FB693866-59D7-56DD-9FF4-07AB3CDDA9F7"><p>If you give a plug-in
-DLL no capabilities, it can only be used by client processes that also have
-no capabilities. </p> </li>
-<li id="GUID-8FA6F9BF-9631-5110-8121-219041C07C4A"><p>If you intend a plug-in
-to work only with one client program, such as a particular server, then the
-documentation for that program should tell you what capabilities it needs. </p> </li>
-<li id="GUID-494937B7-AF39-5222-A97E-5F7478A4EC9E"><p>If you want a plug-in
-to be usable by any program (apart from the kernel and the file server), then
-the capability setting <codeph>All -Tcb</codeph> may be what you require.
-Note, however, programs with such high platform security capabilities require
-signing and authorisation to be installed by users on phones. See <xref href="https://www.symbiansigned.com/" scope="external">Symbian Signed</xref> for details. </p> </li>
-<li id="GUID-B5CD618B-F202-553A-BB5F-F1DF9AF70B58"><p> <i> Custom resolver</i> plug-ins
-are a special case. They are loaded by a server process in ECom itself, and
-so must be trusted by that server. This requires that you give the plug-in
-the <codeph>ProtServ</codeph> capability. See <xref href="GUID-E10A3336-9C4C-59A5-B94F-6CECA92FFB9F.dita">How
-to provide a custom resolver</xref> for more details on writing resolvers. </p> </li>
-</ul> <p>Platform security also allows you to specify that clients should
-only use plug-in implementations supplied by a particular company. See <xref href="GUID-7F4692A0-1801-5D91-8F28-06075AC45DE2.dita">How to filter implementations
-by vendor ID</xref> for more details. </p> </section>
-<section><title>Installation and upgrade controls</title> <p>Under Platform
-Security, the Software Installer program controls what software is installed
-to the device. It enables programs originally delivered in ROM, including
-ECom plugins, to be upgraded securely. </p> <p>Before platform security, applications
-could chose to use only ROM-based plug-ins. This guaranteed that the plug-ins
-were secure, but did not allow upgrades. Alternatively, both ROM-based and
-installed plug-ins were used, which allowed upgrades, but also risked the
-use of possibly insecure plug-ins. </p> <p>Platform security improves this
-situation, as it allows clients to access securely both ROM-based plug-ins
-and any installed upgrades to those plug-ins. For more information for how
-clients can do this, see <xref href="GUID-08007041-CE18-5B1C-9AE6-042EBBFD1AB6.dita">Using
-the ROM-only resolver</xref>. </p> <p>Providers of ROM-based plug-ins should
-see <xref href="GUID-93F53961-9DA3-5D01-A881-D28E0EBF8B3C.dita">How to upgrade
-ROM-based plug-ins securely</xref>. </p> </section>
-<section><title>File locations</title><p>The Platform Security architecture
-tightly controls access to executable code by: <ul>
-<li><p>requiring that all such code, including plug-in DLLs, is located under
-a directory <filepath>\sys\bin</filepath></p></li>
-<li><p>restricting access to that directory to a small number of key system
-processes. </p></li>
-</ul></p><p>The registration resource file for a plug-in must be readable
-by ECom, but should not be alterable after installation. For this reason,
-registration resource files are always installed to the read-only directory <filepath>\resource\plugins</filepath>.</p><p>To
-build plug-in code to these locations, set the target type in the project
-file to <codeph>PLUGIN</codeph>. For more information, see the <xref href="GUID-641A276D-F618-50CE-BA5A-658DCC26BAB5.dita">Creating an Implementation
-Project File</xref> section.  </p> </section>
+<?xml version="1.0" encoding="utf-8"?>
+<!-- Copyright (c) 2007-2010 Nokia Corporation and/or its subsidiary(-ies) All rights reserved. -->
+<!-- This component and the accompanying materials are made available under the terms of the License 
+"Eclipse Public License v1.0" which accompanies this distribution, 
+and is available at the URL "http://www.eclipse.org/legal/epl-v10.html". -->
+<!-- Initial Contributors:
+    Nokia Corporation - initial contribution.
+Contributors: 
+-->
+<!DOCTYPE concept
+  PUBLIC "-//OASIS//DTD DITA Concept//EN" "concept.dtd">
+<concept id="GUID-9E4D75C0-D797-5541-8E52-3C6D154CC74A" xml:lang="en"><title>ECom
+and the Platform Security Architecture</title><prolog><metadata><keywords/></metadata></prolog><conbody>
+<p>The Symbian Platform Security Architecture is designed to provide defences
+against malicious or badly implemented code. The following aspects of platform
+security are particularly relevant to the ECom plug-in architecture: </p>
+<ul>
+<li id="GUID-299B3BF1-9A55-5CCC-AA77-49F4EBE07ABD"><p>The <i>platform security
+capability model</i>, which protects processes from loading and using DLLs
+that are less secure than the process itself. </p> </li>
+<li id="GUID-92E6F90B-EFE0-5026-AA61-1C068376C21C"><p>Control over software
+installation, so that insecure software cannot disrupt legitimately installed
+software. </p> </li>
+<li id="GUID-2DE8CE05-57EE-582F-80F8-BAEB82B38FAB"><p>Control over which processes
+have access to particular files. </p> </li>
+</ul>
+<p>For more information on the Platform Security Architecture, see <i>Symbian
+OS v9 Security Architecture</i> in the <xref href="GUID-9E4D75C0-D797-5541-8E52-3C6D154CC74A.dita">Platform
+security</xref> section. </p>
+<section><title>ECom and the platform security capability model</title> <p>The
+Platform Security Architecture protects processes against loading and using
+DLLs that are less secure than the processes themselves. This is done using
+platform security capabilities assigned to the process and the DLL. The rule
+applied is that the DLL must have the same or greater capabilities than the
+process in which it is loaded. </p> <p>With ECom, a plug-in is a DLL that
+is loaded into a client process when an interface implementation provided
+by that DLL is instantiated. If the plug-in DLL has lower capabilities than
+the loading process, then a "permission denied" (-46) error is returned. See <xref href="GUID-8A7B837D-4069-5364-A596-686EEBAE351D.dita">How to troubleshoot plug-in
+loading errors</xref> for details of how to investigate this error. </p> <p>Providers
+of plug-in DLLs must consider the following with respect to platform security
+capabilities: </p> <ul>
+<li id="GUID-FB693866-59D7-56DD-9FF4-07AB3CDDA9F7"><p>If you give a plug-in
+DLL no capabilities, it can only be used by client processes that also have
+no capabilities. </p> </li>
+<li id="GUID-8FA6F9BF-9631-5110-8121-219041C07C4A"><p>If you intend a plug-in
+to work only with one client program, such as a particular server, then the
+documentation for that program should tell you what capabilities it needs. </p> </li>
+<li id="GUID-494937B7-AF39-5222-A97E-5F7478A4EC9E"><p>If you want a plug-in
+to be usable by any program (apart from the kernel and the file server), then
+the capability setting <codeph>All -Tcb</codeph> may be what you require.
+Note, however, programs with such high platform security capabilities require
+signing and authorisation to be installed by users on phones. See <xref href="https://www.symbiansigned.com/" scope="external">Symbian Signed</xref> for details. </p> </li>
+<li id="GUID-B5CD618B-F202-553A-BB5F-F1DF9AF70B58"><p> <i> Custom resolver</i> plug-ins
+are a special case. They are loaded by a server process in ECom itself, and
+so must be trusted by that server. This requires that you give the plug-in
+the <codeph>ProtServ</codeph> capability. See <xref href="GUID-E10A3336-9C4C-59A5-B94F-6CECA92FFB9F.dita">How
+to provide a custom resolver</xref> for more details on writing resolvers. </p> </li>
+</ul> <p>Platform security also allows you to specify that clients should
+only use plug-in implementations supplied by a particular company. See <xref href="GUID-7F4692A0-1801-5D91-8F28-06075AC45DE2.dita">How to filter implementations
+by vendor ID</xref> for more details. </p> </section>
+<section><title>Installation and upgrade controls</title> <p>Under Platform
+Security, the Software Installer program controls what software is installed
+to the device. It enables programs originally delivered in ROM, including
+ECom plugins, to be upgraded securely. </p> <p>Before platform security, applications
+could chose to use only ROM-based plug-ins. This guaranteed that the plug-ins
+were secure, but did not allow upgrades. Alternatively, both ROM-based and
+installed plug-ins were used, which allowed upgrades, but also risked the
+use of possibly insecure plug-ins. </p> <p>Platform security improves this
+situation, as it allows clients to access securely both ROM-based plug-ins
+and any installed upgrades to those plug-ins. For more information for how
+clients can do this, see <xref href="GUID-08007041-CE18-5B1C-9AE6-042EBBFD1AB6.dita">Using
+the ROM-only resolver</xref>. </p> <p>Providers of ROM-based plug-ins should
+see <xref href="GUID-93F53961-9DA3-5D01-A881-D28E0EBF8B3C.dita">How to upgrade
+ROM-based plug-ins securely</xref>. </p> </section>
+<section><title>File locations</title><p>The Platform Security architecture
+tightly controls access to executable code by: <ul>
+<li><p>requiring that all such code, including plug-in DLLs, is located under
+a directory <filepath>\sys\bin</filepath></p></li>
+<li><p>restricting access to that directory to a small number of key system
+processes. </p></li>
+</ul></p><p>The registration resource file for a plug-in must be readable
+by ECom, but should not be alterable after installation. For this reason,
+registration resource files are always installed to the read-only directory <filepath>\resource\plugins</filepath>.</p><p>To
+build plug-in code to these locations, set the target type in the project
+file to <codeph>PLUGIN</codeph>. For more information, see the <xref href="GUID-641A276D-F618-50CE-BA5A-658DCC26BAB5.dita">Creating an Implementation
+Project File</xref> section.  </p> </section>
 </conbody></concept>
\ No newline at end of file