Week 28 contribution of SDK documentation content. See release notes for details. Fixes bugs Bug 1897 and Bug 1522.
<?xml version="1.0" encoding="utf-8"?>
<!-- Copyright (c) 2007-2010 Nokia Corporation and/or its subsidiary(-ies) All rights reserved. -->
<!-- This component and the accompanying materials are made available under the terms of the License
"Eclipse Public License v1.0" which accompanies this distribution,
and is available at the URL "http://www.eclipse.org/legal/epl-v10.html". -->
<!-- Initial Contributors:
Nokia Corporation - initial contribution.
Contributors:
-->
<!DOCTYPE concept
PUBLIC "-//OASIS//DTD DITA Concept//EN" "concept.dtd">
<concept id="GUID-6971B0A2-F79B-4E05-8AF3-BB1FC1932A22" xml:lang="en"><title>Capabilities</title><prolog><metadata><keywords/></metadata></prolog><conbody>
<p>Capabilities allow the Symbian platform to control access by
applications to the functionalities provided by the platform APIs.
Access to capabilities is determined by the device configuration and
how the application has been signed. Capabilities can be divided into
four categories:</p>
<ul>
<li><p><i>user capabilities</i>: <xref href="http://wiki.forum.nokia.com/index.php/LocalServices" scope="external"><codeph>LocalServices</codeph></xref>, <xref href="http://wiki.forum.nokia.com/index.php/NetworkServices" scope="external"><codeph>NetworkServices</codeph></xref>, <xref href="http://wiki.forum.nokia.com/index.php/ReadUserData" scope="external"><codeph>ReadUserData</codeph></xref>, <xref href="http://wiki.forum.nokia.com/index.php/WriteUserData" scope="external"><codeph>WriteUserData</codeph></xref>, <xref href="http://wiki.forum.nokia.com/index.php/UserEnvironment" scope="external"><codeph>UserEnvironment</codeph></xref> and, <xref href="http://wiki.forum.nokia.com/index.php/Location" scope="external"><codeph>Location</codeph></xref></p></li>
<li><p><i>system capabilities</i>: <xref href="http://wiki.forum.nokia.com/index.php/PowerMgmt" scope="external"><codeph>PowerMgmt</codeph></xref>, <xref href="http://wiki.forum.nokia.com/index.php/ProtServ" scope="external"><codeph>ProtServ</codeph></xref>, <xref href="http://wiki.forum.nokia.com/index.php/ReadDeviceData" scope="external"><codeph>ReadDeviceData</codeph></xref>, <xref href="http://wiki.forum.nokia.com/index.php/SurroundingsDD" scope="external"><codeph>SurroundingsDD</codeph></xref>, <xref href="http://wiki.forum.nokia.com/index.php/SwEvent" scope="external"><codeph>SwEvent</codeph></xref>, <xref href="http://wiki.forum.nokia.com/index.php/TrustedUI" scope="external"><codeph>TrustedUI</codeph></xref>, <xref href="http://wiki.forum.nokia.com/index.php/WriteDeviceData" scope="external"><codeph>WriteDeviceData</codeph></xref></p></li>
<li><p><i>restricted capabilities</i>: <xref href="http://wiki.forum.nokia.com/index.php/CommDD" scope="external"><codeph>CommDD</codeph></xref>, <xref href="http://wiki.forum.nokia.com/index.php/DiskAdmin" scope="external"><codeph>DiskAdmin</codeph></xref>, <xref href="http://wiki.forum.nokia.com/index.php/MultimediaDD" scope="external"><codeph>MultimediaDD</codeph></xref> and <xref href="http://wiki.forum.nokia.com/index.php/NetworkControl" scope="external"><codeph>NetworkControl</codeph></xref></p></li>
<li><p><i>device manufacturer capabilitie</i>s: <xref href="http://wiki.forum.nokia.com/index.php/AllFiles" scope="external"><codeph>AllFiles</codeph></xref>, <xref href="http://wiki.forum.nokia.com/index.php/DRM" scope="external"><codeph>DRM</codeph></xref> and <xref href="http://wiki.forum.nokia.com/index.php/Trusted_Computing_Base_%28TCB%29" scope="external"><codeph>TCB</codeph></xref></p></li>
</ul>
<p>Capabilities required by the application are defined in the <codeph>mmp</codeph> project definition file during the build process, and
cannot be changed during run time. For information on the parameters
you can use, see <b>Symbian Tools Guide > Building >
Symbian Build System (SBSv1) > Build tools reference > MMP file syntax
> capability</b>. Carbide.c++ has a Capability Scanner tool which
can be accessed through the <b>Project > Run Capability Scanner on
Project MMP</b> menu. The tool scans and checks the project for required
capabilities.</p>
<p>During the installation the <xref href="GUID-1293DE8C-E803-4ADF-9FA8-862519337331.dita">Software Installer</xref> application in the device checks whether the application has been
certified or signed. It then checks the capabilities requested by
the application. If the application has been certified, it checks
that the root certificate is allowed to grant the required capabilities.
If no problems are encountered, the installation can continue. For
information on certifications required by the capabilities, see <xref href="GUID-B9414AE8-820E-4CA5-A9C4-29560CD6F2EF.dita">Application signing</xref>.</p>
<p>The user can grant the <i>user capabilities</i> to a self-signed
application. For example, the following dialog is shown to the user
to grant the <codeph>LocalServices</codeph> capability:</p>
<fig id="GUID-5FCD68FB-BB79-48E0-B438-E8BFAD37331D"><title>Granting LocalServices capability during the installation</title><image href="GUID-08152DC3-2A5D-42AC-B722-3D49275FE548_d0e13076_href.png"/></fig>
<section id="GUID-DD22FF50-BE6F-4929-85BA-EAF3481EA2BD"><title>dll capabilities</title>
<p>A <codeph>dll</codeph> must have equal or greater set of capabilities
than the loading process, otherwise the process is not allowed to
load the <codeph>dll</codeph>. Once loaded, a <codeph>dll</codeph> runs at the capability level of the loading process. A <codeph>dll</codeph> that has a higher capability set than the loading process cannot
leak capabilities to the process, but a process can leak capabilities
to the <codeph>dll</codeph>.</p>
<p>For more information, see <xref href="http://wiki.forum.nokia.com/index.php/TSS000454_-_DLL_capability_model_in_a_secure_platform" scope="external">DLL capability model in a secure platform</xref> (TSS000454) in
the Forum Nokia Knowledge Base.</p>
</section>
</conbody></concept>