How to separate sensitive code from Application
This page describes how to separate sensitive code from the Application.
The following is the most common UseCase which is generally seen while going for Symbian Signing process.
There is a resource which has different versions for different regions that requires Manufaturer capabilities. So signing it for each version incurs cost.
We should separate the codes that needs manufacturer capabilities into an embeded sis and sign it first with required Manufaturer capabilities.
In this situation "Client/Server Architecture" provides a method for segregating the code requiring sensitive capabilities and the code requiring normal capabilities.
As an example, an Application needs data to be read, written, deleted in the private folder. Accessing the private folder requires "ALLFILES" capabilities.If this application is to be developed in different versions for different regions, then it will be too expensive to sign each version with "ALLFILES" capabilities.
The Server should implement the code which requires "ALLFILES" capabilities and is signed only once. The Client requires normal capabilities. Thus signing cost can be cut down.
The Server can also check the Client's SecureId and capabilities, if it is a valid one then it grants the permission to manipulate (create,delete a file) the file system within the private folder of the target.
The following is the link to the sample application: