Revision as of 02:48, 29 August 2012 by hamishwillee (Talk | contribs)

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)


From Nokia Developer Wiki
Jump to: navigation, search

Needs-update.pngThis article needs to be updated: If you found this article useful, please fix the problems below then delete the {{ArticleNeedsUpdate}} template from the article to remove this warning.

Reasons: hamishwillee (31 Jan 2012)
This update should be merged with, and redirected to, the official capabilities topic: Capabilities (Symbian Signed)

Article Metadata
Created: User:Nobody (27 Feb 2007)
Last edited: hamishwillee (29 Aug 2012)


What are capabilities?

The Symbian platform enables applications to use the Platform Security architecture in order to gain access to sensitive functionality within the platform.

Access to certain APIs is restricted by the capabilities.

List of S60 capabilities

Basic capabilities - approved by the end user

Extended capabilities - approved by Symbian Signing

Open signed online

Certified Signed

Manufacturer-approved capabilities

* Location capability needed to be open signed in devices prior S60 3rd Edition FP2. Starting from FP2, the Location capability becomes one of the "user capabilities".

Using capabilities

In native Symbian C++ projects the capabilities are listed in .MMP

//No capabilities

//Uses "LocalServices" capability
CAPABILITY		LocalServices

//Uses several capablities, space in between names
CAPABILITY		FirstCapability SecondCapability

In Qt the capabilities are listed in .PRO file. These values are ingored when building for other platforms.

symbian: {
TARGET.CAPABILITY = FirstCapability SecondCapability

Signing with capabilities

Applications need to be signed to be installed on a Symbian device.

Signing ensure that application does not access functions from the device other than those granted by the listed capabilities.

Level of signing required depends on the capabilities used.

Some capabilities can be self signed, meaning that any developer can add them to their application. User will be prompted for permission for these on the application installation process.

Others require some sort of controlled signing, either through free web service (open signed online for testing only) or by acquiring a publisher ID and signing the application with certified signing.

For most applications the basic capabilities are be enough. In Qt-builds, this is the default signing option, so you don't need to make any changes in template projects.

NOTE: In some older Nokia E-Series device (E51 fore example) self signed applications will not install by default, but the user needs to allow all applications (not trusted) to be installed in the device.

Capabilities in executable level

A capability is a feature of Symbian Platform Security, introduced on S60 in S60 3rd Edition (Symbian OS v9.1). For each of the capabilities, each running process (started from an EXE file) either has it or hasn't. Some actions, such as calling a server on the Symbian OS, require the calling process to have a capability. Whether or not the capability is required is controlled by the server that is being called: each server defines its own policy.

Also libraries (DLLs) have capabilities, but these are interpreted a bit differently than capabilities of processes (EXE files). When applied to a DLL, a capability indicates the trust level of the code within the DLL. When the DLL is loaded into a process, the code is executed with the capabilities of the process (EXE), not the capabilities of the DLL. The capabilities of the DLL just indicate to which extent the code in the DLL can be trusted. As an example, an EXE that has a TCB capability cannot load a DLL that does not have the TCB capability because the lack of TCB on a DLL indicates that the DLL code is not trusted to execute under TCB capability.

See Also

This page was last modified on 29 August 2012, at 02:48.
329 page views in the last 30 days.