Assigning Capabilities

The following table, Comparison of capabilities, shows how the capabilities are divided.

Unrestricted

User-grantable

(at installation time)

Symbian Signed

Manufacturer approval

60% of APIs

ReadUserData

WriteUserData

NetworkServices

LocalServices

UserEnvironment

 

Note: Implementation may vary between devices.

The user-grantable

capabilities

+

Symbian Signed

capabilities

+

Declarative:

Location

ReadDeviceData

WriteDeviceData

PowerMgmt

SurroundingsDD

ProtServ

TrustedUI

SwEvent

 

DRM

TCB

Capability Request Form & Platform approval:

DiskAdmin

AllFiles

CommDD

MultiMediaDD

NetworkControl

 

Table: Comparison of capabilities

The following table, Description of capabilities, provides more information on what the separate capabilities mean in practice.

 

Capability

Description

1

NetworkServices

This capability is for, e.g., dialing a number or sending a text message.

2

LocalServices

This capability is for sending or receiving information through USB, IR, and point-to-point Bluetooth profiles.

3

ReadUserData

Grants read access to user data. System servers and application engines are free to grant this restriction level to their data.

4

WriteUserData

Grants write access to user data. Again, system servers and application engines are free to grant this restriction level to their data.

5

Location

Grants access to the location of the phone.

6

UserEnvironment

Grants access to live confidential information about the user and his/her immediate environment.

7

PowerMgmt

Grants the right to kill any process in the system or to switch machine state (turn the phone off).

8

MultimediaDD

Controls access to all multimedia device drivers (sound, camera, etc.).

9

ReadDeviceData

Grants read access to sensitive system data.

10

WriteDeviceData

Grants write access to sensitive system data.

11

DRM

Grants access to protected content.

12

TrustedUI

This capability differentiates "normal" applications from "trusted" applications. If a trusted application is displaying something on the screen, a normal application cannot fake it.

13

ProtServ

Grants the right to a server to register with a protected name. Protected names start with an Ò!Ó (exclamation point). The kernel will prevent servers without ProtServ capability from using such a name, and therefore will prevent protected servers from being impersonated.

14

NetworkControl

Grants the right to modify or access network protocol controls.

15

SwEvent

Grants the right to generate and capture software key and pen events.

16

SurroundingsDD

Grants access to logical device drivers that provide input information about the surroundings of the phone.

17

TBC

Grants access to /sys and /recourse directories in the phone.

18

CommDD

Grants access to communication device drivers.

19

DiskAdmin

Grants the right to disk administration functions, such as formatting a drive.

20

AllFiles

Grants visibility to all files in the system and extra write access to files under /private.

Table: Description of capabilities

As described earlier, some capabilities are granted by the device's manufacturer. The manufacturer will use its discretion before granting the capabilities. Usually strong enough business reasoning is sufficient to gain the capabilities.

For a developer to be able to get manufacturer capabilities for the application, it is necessary to contact the manufacturer in question for more details.

 

 

评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值