Forum Nokia
Nokia Connecting People

Login Register

 

Home: Platforms: S60 platform : Symbian OS Platform Security : Capability Solutions

Capability Solutions

Before requesting capabilities to implement some specific feature, take a moment to examine the following items. It is possible that there is a way to implement that feature without the platform- or manufacturer-approved capability. In the end, this kind of solution will save you time and money.

File access

  • Basic file management features such as copy, move, and delete don’t need AllFiles capability by default. Public directories can be accessed without any capabilities. Only data caged directories are protected with AllFiles capability.


  • RFs::NotifyChange() needs AllFiles only if used in data caged directories. If used in the public directories, it doesn't need any capabilities.


  • Accessing attachments in the messaging inbox doesn’t require AllFiles. Instead of using straight file access to the attachment, the MMsvAttachmentManager class should be used.


  • To be able to load mobile IP drivers, ESOCK’s ESK and INI files need to be edited, and thus AllFiles is needed.

Audio and video

  • Playing / streaming / recording video or audio does not require MultimediaDD capability by default. MultimediaDD capability is only needed if a custom priority value is needed for the application.


  • Audio routing and mixing with an ongoing voice call cannot be done without Nokia Audio Proxy Server (APS). Using APS will also require MultimediaDD capability. This is due to a hard-coded Vendor ID check in the mixing policy between third-party players and the native telephony application. Typical need for APS and MultimediaDD capability is a VoIP client.

Connectivity

  • The HotSpot framework API will need the following capabilities:

    • CommDD, PowerMgmt, Read/WriteDeviceData, Read/WriteUserData, TrustedUI, ProtServ, NetworkControl, NetworkServices, and LocalServices.
  • Opening data port loaned (DATAPORT.CSY) from a CSD data call using RComm::Open() requires the following capabilities:


    • NetworkServices, NetworkControl, and CommDD.
  • For other CSY modules the following capabilities are needed:


    • BTCOMM.CSY – LocalServices
    • IRCOMM.CSY – LocalServices
    • ECUART.CSY – No capabilities needed
  • The NIFMAN configuration daemon is an E-COM plug-in that allows the network interface components to be configured after the link-layer has been established. Such a plug-in needs CommDD and NetworkControl capabilities.

Messaging

  • Client-side Message Type Modules (MTMs) need All – TCB* capabilities to make those available to all clients. Capabilities are not used as such, but are needed due to the DLL loading rules.


  • Server-side MTMs will need the same capabilities as the native system messaging application, i.e., Read/WriteDeviceData, Read/WriteUserData, DiskAdmin, NetworkControl, SwEvent, NetworkServices, LocalService, Location, and UserEnvironment.


  • Implementing the CMsgBioControl class (bio messaging parser) will require the same capabilities as the native system messaging application, i.e., Read/WriteDeviceData, Read/WriteUserData, DiskAdmin, NetworkControl, SwEvent, NetworkServices, LocalServices, Location, and UserEnvironment, due to the fact that the parser runs inside the messaging client process.

Security

  • To implement an antivirus application properly for the S60 3rd Edition Symbian Platinum partnership, it is necessary to get access to the Symbian "file hooks." Also, TCB capability is needed to be able to scan all the files, including the files in the data caged folders.


  • Device encryption applications will need TCB capability to be able to encrypt the files located in data caged folders.

Others

  • Implementing the Front End Processor (FEP) will require All – TCB* capabilities. This is because FEP needs to be able to be loaded by all system applications. Capabilities are not used as such, but are needed due to the DLL loading rules. Typical FEP implementation is to add some new input language to the device.


  • Browser plug-ins (CEcomBrowserPluginInterface) require the following capabilities:


    • NetworkServices, LocalServices, Read/WriteUserData, Read/WriteDeviceData, SwEvent, UserEnvironment, DRM and NetworkControl.

(*) Having All – TCB capabilities means all other capabilities except TCB capability. A similar pattern can be used in other cases as well, and multiple capabilities can be excluded in a similar way, feor example All – DRM or All – TCB – DRM – AllFiles.


Capability Descriptions

Learn more about
Capability granting process
Symbian Signed
Testing

Back to top

Learn how to
download applications

java symbian_os s60 maemo c++

Community highlights

Wiki article of the week

How to use Google Maps data in mobile applications

Champion of the month

Pankaj Nathani
Read more about
Pankaj on the
Champions web site.

Newsletter sign up

Privacy policy   Archives

Press

Events

Forum Nokia feed

  • Latest devices
  • Latest documents
  • Latest tools
  • Latest blog entries

Terms & Conditions | Privacy policy | Site map | Developer feedback | © Nokia 2008


RDF Facets:


qdcZcoverageQUxhttpE3AE2FE2FforumE2EnokiaE2EcomE2FX
qdcZtypeQUqfnZE45E78cludedFromGeneralE4CistingsQ
qdcZtypeQUqfnTypeZE52esourceQ
qdcZtypeQUqfnTypeZWebpageQ
qdcZtypeQUqmarsZManagedE52esourceQ
qdcZtypeQUqwebZInformationE52esourceQ
qdcZtypeQUqwebZPageQ
qdcZtypeQUqrdfsZE52esourceQ
qfnZdistributionQUxhttpE3AE2FE2FforumE2EnokiaE2EcomE2FX
qfnZtypeQUqfnTypeZE52esourceQ
qfnZtypeQUqfnTypeZWebpageQ
qfnZtypeQUqmarsZManagedE52esourceQ
qfnZtypeQUqwebZInformationE52esourceQ
qfnZtypeQUqwebZPageQ
qfnZtypeQUqrdfsZE52esourceQ
qmarsZlanguageQUxhttpE3AE2FE2FswE2EnokiaE2EcomE2FlanguageE2D1E2FenX
qrdfZtypeQUqfnZE45E78cludedFromGeneralE4CistingsQ
qrdfZtypeQUqfnTypeZE52esourceQ
qrdfZtypeQUqfnTypeZWebpageQ
qrdfZtypeQUqmarsZManagedE52esourceQ
qrdfZtypeQUqwebZInformationE52esourceQ
qrdfZtypeQUqwebZPageQ
qrdfZtypeQUqrdfsZE52esourceQ