Week 32 contribution of PDK documentation content. See release notes for details. Fixes bug Bug 3582
<?xml version="1.0" encoding="utf-8"?>
<!-- Copyright (c) 2007-2010 Nokia Corporation and/or its subsidiary(-ies) All rights reserved. -->
<!-- This component and the accompanying materials are made available under the terms of the License
"Eclipse Public License v1.0" which accompanies this distribution,
and is available at the URL "http://www.eclipse.org/legal/epl-v10.html". -->
<!-- Initial Contributors:
Nokia Corporation - initial contribution.
Contributors:
-->
<!DOCTYPE concept
PUBLIC "-//OASIS//DTD DITA Concept//EN" "concept.dtd">
<concept id="GUID-ACDED56F-38FE-491D-B019-BE2C53A75D28" xml:lang="en"><title>Data caging</title><prolog><metadata><keywords/></metadata></prolog><conbody>
<p>Data caging means that the applications and the users have access
only to certain areas of the file system. In practice the applications
can access their own private folders and folders that are marked as
open. It means, for example, that one application cannot access the
private folder and data of another application. There are restricted
file storage areas for system, private, and resource data.</p>
<p>The file system has the following structure:</p>
<ul>
<li><p>The <codeph>\sys</codeph> folder is the restricted
system area. You need <codeph>AllFiles</codeph> capability to read
the content, and Trusted Computing Base (<codeph>TCB</codeph>) capability
to modify the content.</p><p>The subfolder <codeph>\sys\bin\</codeph> contains all binaries (<codeph>exe</codeph>, <codeph>dll</codeph>, etc.). All binaries must have a different name. An application
can only be launched from this subfolder.</p></li>
<li><p>The <parmname>\private\</parmname> folder includes
folders for all applications.</p><p>The <codeph>\private\<SID>\</codeph> subfolder contains private data only to be accessed by the application
itself. SID is determined by the <xref href="GUID-3B6E25F7-C1A8-461F-97F7-421DB559BC98.dita#GUID-3B6E25F7-C1A8-461F-97F7-421DB559BC98/GUID-EEC50FC0-46D5-4ED7-AD95-67430D5EC652">Secure Identifier</xref> of the process. Without any capabilities
you can read and write only in the application's own directory. You
need <codeph>AllFiles</codeph> capability to access all private directories.
Backup software can read and write to this directory.</p><p>The <codeph>\private\<SID>\import\</codeph> subfolder is for resource
files, such as registration files, that are not directly related to
the application. You can write into this subfolder only after it is
created and named correctly.</p><p>Application registration
resource files should be installed in the <parmname>\private\10003a3f\import\apps</parmname> subfolder.</p></li>
<li><p>The <parmname>\resource</parmname> folder is for
sharing resource files. This data can be icons, bitmaps, and other
material useful for all the applications. You do not need any capabilities
to read these files. You need <codeph>TCB</codeph> capability to modify
the content.</p><p>ECom registration resource files should be
installed in the <parmname>\resource\plugins</parmname> subfolder.</p>
</li>
</ul>
<p>For more information, see <xref href="GUID-54E62386-E4DB-55C3-BA9A-FFB7BFE6703E.dita">File locations</xref>.</p>
</conbody></concept>