×

Discussion Board

Results 1 to 5 of 5
  1. #1
    Registered User
    Join Date
    May 2008
    Posts
    3

    Untrusted Midlets in S40

    Hello,

    In S40v5 the user has only two options for an unsigned midlet to access his files - Always Ask or No access.

    Why would you limit the user and take away from him his freedom in the name of his security? Why would you doubt his ability to make decisions for himself?

    What if he knows the provider of midlet in person?

  2. #2
    Nokia Developer Champion
    Join Date
    Apr 2003
    Location
    USA, CA
    Posts
    7,192

    Re: Untrusted Midlets in S40

    That is same as the recommended security policy for MIDP 2.1
    http://wiki.forum.nokia.com/index.ph..._access_rights

    I know that this policy feels in some cases this way too restrictive. Unfortunately.

    Hartti

  3. #3
    Registered User
    Join Date
    May 2008
    Posts
    3

    Re: Untrusted Midlets in S40

    Hartii,

    I have a phone Nokia 5310. According to the technical documentation it is build on MIDP 2.0.

    Lets focus on the security recommendations for File APIs (JSR 75). Related JSRs are JSR 185 and JSR 118 (MIDP 2.0).

    I will quote a part of JSR 75 and then ask a question.

    **Beginning of quote
    "MIDP 2.0 GSM/UMTS Recommended Security Model

    The MIDP 2.0 specification additionally includes a recommended practices
    document describing the recommended security model for implementing MIDP 2.0 on
    GSM/UMTS devices. This section describes how the FileConnection APIs can
    be fit into that recommended security model. Note that this section is
    for GSM/UMTS devices only, and is not applicable to MIDP 2.0 implementations on
    devices not supporting those protocols.

    All previously defined recommended practices for the FileConnection APIs in the
    MIDP 2.0 security model are also applicable in this instance.

    Function Groups

    The GSM/UMTS Recommended Security model indicates that permissions should be,
    but are not required to be, mapped to a defined function group in the
    recommended model for user convenience. This document recommends
    that the permissions not be mapped to any of the function groups listed in the
    GSM/UMTS Recommended Security, but rather leave it to the implementation to
    choose how the permissions are presented to the user and what the default
    interaction modes are for the permissions."
    ** end of quote

    As you can see MIDP 2.0 and JSR 75 leave it to the implementation to set the specific permission to the File APIs function group.

    Was it NOKIA who decided to not allow me as the user to set a Session permission for an untrusted midlet to access my files? If so, what were the reasons?

  4. #4
    Nokia Developer Champion
    Join Date
    Apr 2003
    Location
    USA, CA
    Posts
    7,192

    Re: Untrusted Midlets in S40

    First of all, 5310 Xpress Music is MIDP 2.1 phone.
    http://www.forum.nokia.com/devices/5310_XpressMusic

    Secondly, I understand your frustration of not being freely access the file system.
    However the same document you also refer to contains these sentences:
    In concordance with this security policy, it is defined that untrusted MIDlet suites that access the protected APIs and functions of the FileConnection APIs MUST be subject to explicit confirmation by the user (this is a similar policy surrounding the use of the http and https protocols). This mandate conforms to requirements defined in both the FileConnection security policy and the MIDP 2.0 security policy.
    Finally I have to note that I do not understand what the last sentence you quoted really means. The sentence is definitely incomplete and seems to contradict with the rest of the document (which is midp_20_security.html, if anyone is interested...)

    Hartti

  5. #5
    Nokia Developer Champion
    Join Date
    Mar 2003
    Posts
    4,104
    rasto007, I understand (and share) your frustration, however, Forum Nokia is not the best place to discuss this. I recommend to file a comment to Nokia end-user support channels, and comment to the MIDP team. In the mean time you could go for a Nokia S60 2nd Edition or a Sony Ericsson device or ask your application vendor to sign this MIDlet.

Similar Threads

  1. how to install untrusted midlets in N-Gageqd
    By kau_shimpi in forum [Archived] Other Programming Discussion 关于其他编程技术的讨论
    Replies: 3
    Last Post: 2006-10-16, 18:26
  2. Remove Mutiple MIDlets before startup (S40)
    By mmalam1 in forum Mobile Java General
    Replies: 1
    Last Post: 2006-08-27, 02:07
  3. Nokia手机主要参数列表
    By cqucyf in forum [Archived] Other Programming Discussion 关于其他编程技术的讨论
    Replies: 0
    Last Post: 2005-05-04, 16:34
  4. Push Registry - Untrusted midlets?
    By steffi1 in forum Mobile Java General
    Replies: 0
    Last Post: 2003-11-24, 23:59

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •