Please note that as of October 24, 2014, the Nokia Developer Wiki will no longer be accepting user contributions, including new entries, edits and comments, as we begin transitioning to our new home, in the Windows Phone Development Wiki. We plan to move over the majority of the existing entries. Thanks for all your past and future contributions.

Capabilities (Symbian Signed)

From Wiki
Jump to: navigation, search
Article Metadata
Created: hamishwillee (16 Dec 2010)
Last edited: hamishwillee (20 Jul 2012)


What is a Capability?

Symbian's Platform Security architecture protects access to sensitive functionality using "capabilities". If your application uses an API that is protected with a capability you will need to declare the capability in your app project file at build time, and then digitally sign the application installation file with a certificate that is trusted to grant the needed capabilities.

There are twenty capabilities, and they are split into four groups - User Capabilities, System Capabilities, Restricted Capabilities and Device Manufacturer Capabilities. The groups protect progressively "more sensitive" APIs.

Which capabilities can I access?

The table below shows what certificates/signing mechanisms can grant capabilities in each group.

Capability Group Capability Name   Self-Signed Development Certificate

(unverified account)

Development Certificate

(verified account)

Express Signed Certified Signed
User Capabilities LocalServices Yes, with user confirmation at install time Yes Yes Yes Yes
System Capabilities PowerMgmt
Restricted Capabilities CommDD
Manufacturer Capabilities AllFiles Nokia Approval Required Nokia Approval Required

How do I know which capabilities I need?

Most applications will use only need the "user grantable" capabilities; as a result it is generally quite easy to "guess" what capabilities your application needs based on what it does. For example, an application that needs to connect to the Internet will need NetworkServices.

Note.pngNote: You should apply just those capabilities that your application needs.

You can also look up the capabilities required for each API in the SDK/online documentation, as shown in the example below.


Lastly, the Carbide.c++ IDE also provides the "Capability Scanner" tool. Select the .mmp file in the Project Explorer window from within Carbide.c++ and select Project, Run Capability Scanner on Project MMP. The results will be displayed in a new Platform Security window, as shown in the screenshot below


Device Manufacturer Capabilities

AllFiles, TCB and DRM protect the most sensitive aspects of the platform functionality, and access to them is only permissible when working with a Device Manufacturer and with their consent. However, it is very unlikely that your application will need these capabilities as they are only required for some very sensitive operations.

A more in-depth discussion of these capabilities can be found in the full article on the subject.

Licence icon cc-by-sa 3.0-88x31.png© 2010 Symbian Foundation Limited. This document is licensed under the Creative Commons Attribution-Share Alike 2.0 license. See for the full terms of the license.
Note that this content was originally hosted on the Symbian Foundation developer wiki.

This page was last modified on 20 July 2012, at 07:49.
63 page views in the last 30 days.