Mercurial Mercurial > oss > MCL > sftools > depl > docscontent / diff
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | file | latest | revisions | annotate | diff | comparison | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Symbian3/SDK/Source/GUID-3B6E25F7-C1A8-461F-97F7-421DB559BC98.dita
changeset 13 48780e181b38
parent 7 51a74ef9ed63 
--- a/Symbian3/SDK/Source/GUID-3B6E25F7-C1A8-461F-97F7-421DB559BC98.dita	Fri Jul 16 17:23:46 2010 +0100
+++ b/Symbian3/SDK/Source/GUID-3B6E25F7-C1A8-461F-97F7-421DB559BC98.dita	Tue Jul 20 12:00:49 2010 +0100
@@ -1,81 +1,81 @@
-<?xml version="1.0" encoding="utf-8"?>
-<!-- Copyright (c) 2007-2010 Nokia Corporation and/or its subsidiary(-ies) All rights reserved. -->
-<!-- This component and the accompanying materials are made available under the terms of the License 
-"Eclipse Public License v1.0" which accompanies this distribution, 
-and is available at the URL "http://www.eclipse.org/legal/epl-v10.html". -->
-<!-- Initial Contributors:
-    Nokia Corporation - initial contribution.
-Contributors: 
--->
-<!DOCTYPE concept
-  PUBLIC "-//OASIS//DTD DITA Concept//EN" "concept.dtd">
-<concept id="GUID-3B6E25F7-C1A8-461F-97F7-421DB559BC98" xml:lang="en"><title>Process
-identification</title><prolog><metadata><keywords/></metadata></prolog><conbody>
-<p>Sometimes it is useful for security reasons to obtain more information
-about server or application processes, and identify an application and even
-its vendor uniquely.</p>
-<ul>
-<li><p>To verify an application's identity, use <codeph><xref href="jar:GUID-35228542-8C95-4849-A73F-2B4F082F0C44.jar!/sdk/doc_source/reference/reference-cpp/Application_Architecture/RApaLsSessionClass.html" format="application/java-archive">RApaLsSession</xref></codeph> to retrieve the application's name and  <i>Unique Identifier</i> UID,
-and compare them against known information.</p><p>For more information,
-see <xref href="GUID-EA05F9B6-52C7-4BD9-8B9A-4BA3456E70B5.dita">UID</xref>.</p>
-</li>
-<li><p>Use the <codeph><xref href="jar:GUID-35228542-8C95-4849-A73F-2B4F082F0C44.jar!/sdk/doc_source/reference/reference-cpp/Application_Architecture/TApaTaskListClass.html" format="application/java-archive">TApaTaskList</xref></codeph> class
-to get a list of currently running applications.</p><p>In the platform
-security architecture there are two different identifiers for applications:
-Secure Identifier (SID) and Vendor Identifier  (VID).</p></li>
-</ul>
-<p><b id="GUID-EEC50FC0-46D5-4ED7-AD95-67430D5EC652">Secure Identifier
-(SID)</b></p>
-<p>Every executable has its own <i>Secure Identifier</i> (SID), which is
-used to identify the running process launched from the executable. It can
-also be used to determine which private directory a process can access. SID
-is stored in the executable binary, so it has the same security as any executable
-code. The SID value is not relevant for <codeph>dll</codeph>.</p>
-<p>SID values are requested from the <xref href="http://www.symbiansigned.com" scope="external">Symbian
-Signed</xref> web site. The <xref href="GUID-1293DE8C-E803-4ADF-9FA8-862519337331.dita">Software
-Installer</xref> ensures that no two applications have the same SID value
-on a particular target device.</p>
-<p>To retrieve the SID of a process, use the <codeph><xref href="jar:GUID-35228542-8C95-4849-A73F-2B4F082F0C44.jar!/sdk/doc_source/reference/reference-cpp/Kernel_Architecture_2/RProcessClass.html#%3a%3aRProcess%3a%3aSecureId%28%29const" format="application/java-archive">RProcess::SecureId()</xref></codeph> method . During inter process communication, use the <codeph><xref href="jar:GUID-35228542-8C95-4849-A73F-2B4F082F0C44.jar!/sdk/doc_source/reference/reference-cpp/Kernel_Architecture_2/TSecurityPolicyClass.html" format="application/java-archive">TSecurityPolicy</xref></codeph> class to specify a security policy consisting of both <xref href="GUID-6971B0A2-F79B-4E05-8AF3-BB1FC1932A22.dita">capability</xref> and
-SID checks.</p>
-<p>For information on how to define the SID in the <codeph>mmp</codeph> file,
-see <codeph><xref href="GUID-A98F7AA2-A908-527E-9AEC-54DDD10A49C1.dita">secureid</xref></codeph>.
-If SID is not specified in the <codeph>mmp</codeph> file, the value of UID3
-is used as the SID.</p>
-<p><b id="GUID-EEC50FC0-46D5-4ED7-AD95-67430D5EC654">Vendor Identifier
-(VID)</b></p>
-<p>In addition to SID, signed applications have a <i>Vendor Identifier</i> (VID)
-which can be used to identify the source of the application. Applications
-from one vendor usually share a common VID, but the vendor may have different
-VIDs for different product families. VIDs can also be used to group servers
-and clients into logical groups providing services to each other.</p>
-<p>Note that the VID cannot be reused for any other entity. For example,
-the Nokia VID (<codeph>0x101FB657</codeph>) is property of Nokia.</p>
-<p>For information on how to define the VID in the <codeph>mmp</codeph> file,
-see <codeph><xref href="GUID-535793F2-08F1-5B4E-AD32-783985C53124.dita">vendorid</xref></codeph>.</p>
-<section id="GUID-09668673-7926-453D-BD33-9894F5631C90"><title>Secure inter
-process communication</title>
-<p>Authentication can be done in different ways. The server can decide
-to request (or not to request) capabilities from the client. The client's
-options are more limited, the server is usually authenticated by name. The <codeph>ProtServ</codeph> <xref href="GUID-6971B0A2-F79B-4E05-8AF3-BB1FC1932A22.dita">capability</xref> allows
-the server to insert an "!" in front of its name, indicating that the server
-can be trusted. Nameless servers are also possible, but no client can connect
-to them without a handle to the server. The server can also authenticate the
-client with SID and VID.</p>
-<p>Every server should define the following security policies:</p>
-<ul>
-<li><p>Which capabilities are required by the calling application</p>
-</li>
-<li><p>Which SID and VID are required by the calling application</p>
-</li>
-<li><p>What actions are possible or must be done with the information
-provided:</p>
-<ul>
-<li><p>Can input data be trusted?</p></li>
-<li><p>Is user acceptance needed for this operation?</p></li>
-<li><p>Can this server act as a proxy towards other components?</p>
-</li>
-</ul>
-</li>
-</ul>
-</section>
+<?xml version="1.0" encoding="utf-8"?>
+<!-- Copyright (c) 2007-2010 Nokia Corporation and/or its subsidiary(-ies) All rights reserved. -->
+<!-- This component and the accompanying materials are made available under the terms of the License 
+"Eclipse Public License v1.0" which accompanies this distribution, 
+and is available at the URL "http://www.eclipse.org/legal/epl-v10.html". -->
+<!-- Initial Contributors:
+    Nokia Corporation - initial contribution.
+Contributors: 
+-->
+<!DOCTYPE concept
+  PUBLIC "-//OASIS//DTD DITA Concept//EN" "concept.dtd">
+<concept id="GUID-3B6E25F7-C1A8-461F-97F7-421DB559BC98" xml:lang="en"><title>Process identification</title><prolog><metadata><keywords/></metadata></prolog><conbody>
+<p>Sometimes it is useful for security reasons to obtain more information
+about server or application processes, and identify an application
+and even its vendor uniquely.</p>
+<ul>
+<li><p>To verify an application's identity, use <codeph><xref href="jar:GUID-35228542-8C95-4849-A73F-2B4F082F0C44.jar!/sdk/doc_source/reference/reference-cpp/Application_Architecture/RApaLsSessionClass.html" format="application/java-archive">RApaLsSession</xref></codeph> to retrieve the application's
+name and  <i>Unique Identifier</i> UID, and compare them against known
+information.</p><p>For more information, see <xref href="GUID-EA05F9B6-52C7-4BD9-8B9A-4BA3456E70B5.dita">UID</xref>.</p>
+</li>
+<li><p>Use the <codeph><xref href="jar:GUID-35228542-8C95-4849-A73F-2B4F082F0C44.jar!/sdk/doc_source/reference/reference-cpp/Application_Architecture/TApaTaskListClass.html" format="application/java-archive">TApaTaskList</xref></codeph> class to get a list of currently
+running applications.</p><p>In the platform security architecture
+there are two different identifiers for applications: Secure Identifier
+(SID) and Vendor Identifier  (VID).</p></li>
+</ul>
+<p><b id="GUID-EEC50FC0-46D5-4ED7-AD95-67430D5EC652">Secure Identifier
+(SID)</b></p>
+<p>Every executable has its own <i>Secure Identifier</i> (SID),
+which is used to identify the running process launched from the executable.
+It can also be used to determine which private directory a process
+can access. SID is stored in the executable binary, so it has the
+same security as any executable code. The SID value is not relevant
+for <codeph>dll</codeph>.</p>
+<p>SID values are requested from the <xref href="http://www.symbiansigned.com" scope="external">Symbian Signed</xref> web site.
+The <xref href="GUID-1293DE8C-E803-4ADF-9FA8-862519337331.dita">Software
+Installer</xref> ensures that no two applications have the same SID
+value on a particular target device.</p>
+<p>To retrieve the SID of a process, use the <codeph><xref href="jar:GUID-35228542-8C95-4849-A73F-2B4F082F0C44.jar!/sdk/doc_source/reference/reference-cpp/Kernel_Architecture_2/RProcessClass.html#%3a%3aRProcess%3a%3aSecureId%28%29const" format="application/java-archive">RProcess::SecureId()</xref></codeph> method . During inter
+process communication, use the <codeph><xref href="jar:GUID-35228542-8C95-4849-A73F-2B4F082F0C44.jar!/sdk/doc_source/reference/reference-cpp/Kernel_Architecture_2/TSecurityPolicyClass.html" format="application/java-archive">TSecurityPolicy</xref></codeph> class to specify a security
+policy consisting of both <xref href="GUID-6971B0A2-F79B-4E05-8AF3-BB1FC1932A22.dita">capability</xref> and SID checks.</p>
+<p>For information on how to define the SID in the <codeph>mmp</codeph> file, see <codeph>secureid</codeph>. If SID is not specified in
+the <codeph>mmp</codeph> file, the value of UID3 is used as the SID.</p>
+<p><b id="GUID-EEC50FC0-46D5-4ED7-AD95-67430D5EC654">Vendor Identifier
+(VID)</b></p>
+<p>In addition to SID, signed applications have a <i>Vendor Identifier</i> (VID) which can be used to identify the source of the application.
+Applications from one vendor usually share a common VID, but the vendor
+may have different VIDs for different product families. VIDs can also
+be used to group servers and clients into logical groups providing
+services to each other.</p>
+<p>Note that the VID cannot be reused for any other entity. For
+example, the Nokia VID (<codeph>0x101FB657</codeph>) is property of
+Nokia.</p>
+<p>For information on how to define the VID in the <codeph>mmp</codeph> file, see <codeph>vendorid</codeph>.</p>
+<section id="GUID-09668673-7926-453D-BD33-9894F5631C90"><title>Secure
+inter process communication</title>
+<p>Authentication can be done in different ways. The server can
+decide to request (or not to request) capabilities from the client.
+The client's options are more limited, the server is usually authenticated
+by name. The <codeph>ProtServ</codeph> <xref href="GUID-6971B0A2-F79B-4E05-8AF3-BB1FC1932A22.dita">capability</xref> allows the server to insert an "!" in front of its name, indicating
+that the server can be trusted. Nameless servers are also possible,
+but no client can connect to them without a handle to the server.
+The server can also authenticate the client with SID and VID.</p>
+<p>Every server should define the following security policies:</p>
+<ul>
+<li><p>Which capabilities are required by the calling application</p>
+</li>
+<li><p>Which SID and VID are required by the calling application</p>
+</li>
+<li><p>What actions are possible or must be done with the
+information provided:</p>
+<ul>
+<li><p>Can input data be trusted?</p></li>
+<li><p>Is user acceptance needed for this operation?</p>
+</li>
+<li><p>Can this server act as a proxy towards other components?</p>
+</li>
+</ul>
+</li>
+</ul>
+</section>
 </conbody></concept>
\ No newline at end of file
MCL/sftools/depl/docscontent