Capabilities

diff -r 51a74ef9ed63 -r ae94777fff8f Symbian3/SDK/Source/GUID-6971B0A2-F79B-4E05-8AF3-BB1FC1932A22.dita --- a/Symbian3/SDK/Source/GUID-6971B0A2-F79B-4E05-8AF3-BB1FC1932A22.dita Wed Mar 31 11:11:55 2010 +0100 +++ b/Symbian3/SDK/Source/GUID-6971B0A2-F79B-4E05-8AF3-BB1FC1932A22.dita Fri Jun 11 12:39:03 2010 +0100 @@ -1,55 +1,55 @@ - - - - - -Capabilities -

Capabilities allow the Symbian platform to control access by applications -to the functionalities provided by the platform APIs. Access to capabilities -is determined by the device configuration and how the application has been -signed. Capabilities can be divided into four categories:

user capabilities: LocalServices, NetworkServices, ReadUserData, WriteUserData, UserEnvironment and, Location
-
system capabilities: PowerMgmt, ProtServ, ReadDeviceData, SurroundingsDD, SwEvent, TrustedUI, WriteDeviceData
-
restricted capabilities: CommDD, DiskAdmin, MultimediaDD and NetworkControl
-
device manufacturer capabilities: AllFiles, DRM and TCB
-

Capabilities required by the application are defined in the mmp project -definition file during the build process, and cannot be changed during run -time. For information on the parameters you can use, see capability. -Carbide.c++ has a Capability Scanner tool which can be accessed through the Project -> Run Capability Scanner on Project MMP menu. The tool scans and checks -the project for required capabilities.

During the installation the Software -Installer application in the device checks whether the application -has been certified or signed. It then checks the capabilities requested by -the application. If the application has been certified, it checks that the -root certificate is allowed to grant the required capabilities. If no problems -are encountered, the installation can continue. For information on certifications -required by the capabilities, see Application -signing.

The user can grant the user capabilities to a self-signed application. -For example, the following dialog is shown to the user to grant the LocalServices capability:

-Granting LocalServices capability during the installation -

dll capabilities -

A dll must have equal or greater set of capabilities -than the loading process, otherwise the process is not allowed to load the dll. -Once loaded, a dll runs at the capability level of the loading -process. A dll that has a higher capability set than the -loading process cannot leak capabilities to the process, but a process can -leak capabilities to the dll.

For more information, see DLL -capability model in a secure platform (TSS000454) in the Forum Nokia -Knowledge Base.

+ + + + + +Capabilities +

Capabilities allow the Symbian platform to control access by applications +to the functionalities provided by the platform APIs. Access to capabilities +is determined by the device configuration and how the application has been +signed. Capabilities can be divided into four categories:

user capabilities: LocalServices, NetworkServices, ReadUserData, WriteUserData, UserEnvironment and, Location
+
system capabilities: PowerMgmt, ProtServ, ReadDeviceData, SurroundingsDD, SwEvent, TrustedUI, WriteDeviceData
+
restricted capabilities: CommDD, DiskAdmin, MultimediaDD and NetworkControl
+
device manufacturer capabilities: AllFiles, DRM and TCB
+

Capabilities required by the application are defined in the mmp project +definition file during the build process, and cannot be changed during run +time. For information on the parameters you can use, see capability. +Carbide.c++ has a Capability Scanner tool which can be accessed through the Project +> Run Capability Scanner on Project MMP menu. The tool scans and checks +the project for required capabilities.

During the installation the Software +Installer application in the device checks whether the application +has been certified or signed. It then checks the capabilities requested by +the application. If the application has been certified, it checks that the +root certificate is allowed to grant the required capabilities. If no problems +are encountered, the installation can continue. For information on certifications +required by the capabilities, see Application +signing.

The user can grant the user capabilities to a self-signed application. +For example, the following dialog is shown to the user to grant the LocalServices capability:

+Granting LocalServices capability during the installation +

dll capabilities +

A dll must have equal or greater set of capabilities +than the loading process, otherwise the process is not allowed to load the dll. +Once loaded, a dll runs at the capability level of the loading +process. A dll that has a higher capability set than the +loading process cannot leak capabilities to the process, but a process can +leak capabilities to the dll.

For more information, see DLL +capability model in a secure platform (TSS000454) in the Forum Nokia +Knowledge Base.

\ No newline at end of file