
Symbian Capabilities



Capabilities (Symbian Signed)/TCB Capability

The TCB (Trusted Computing Base) platform security capability protects the core set of processes that enforce security on the rest of the platform. Applications that wish to use this capability must first obtain permission from the device manufacturer.

* Device Manufacturer Capabilities - see this for information about device manufacturer capabilities.
* Sensitive Applications - see this article for examples of application types that may need TCB.

Note that it is unlikely that any new process will be given TCB, with the exception of debug tools used during product creation.

Further information

Why?
* A trusted computing base is the foundation of any secure system.
* The /sys and /resource directories are protected, because process capabilities are encoded in the executable header.
* Certificates are checked at install time by the software installer, rather than at load time by the loader.

What?
* TCB allows write access to the \sys and \resource directories. This is the most critical capability as it allows write access to executables, which contain the capabilities that define the security attributes of a process.
* The file server checks TCB capability when a process attempts to access /sys or write to /resource.
* The kernel and device drivers check TCB capability on certain APIs intended for use by the file server.

Where?
* The kernel has TCB capability because code running in kernel mode can access the whole system.
* The file server has TCB capability because it is responsible for enforcing security of the file system.
* The software install server has TCB capability because it needs to write to /sys and /resource when installing software.
* Device drivers need TCB because they are loaded into the kernel process and run in kernel mode.
* File server plugins (extensions and filesystems) need TCB because they are loaded into the file server process.


Device Manufacturer Capabilities (Symbian Signed)

What are Device Manufacturer Capabilities?

TCB (Trusted Computing Base), DRM and AllFiles are the most sensitive capabilities within the Symbian platform Platform Security model. These capabilities can only be granted by a Device Manufacturer, and so you will need to speak to them directly, as outlined below, in order to be granted these capabilities. This article explains how to get access to these capabilities for specific manufacturers.

How to Get Access to These Capabilities

Nokia

The process steps are as follows:
* A user requests a Developer Certificate (Open Signed Offline) for AllFiles, DRM, and/or TCB through the Symbian Signed website.
* The request is evaluated from a technical and commercial point of view by Nokia. Nokia may contact you if there is a need for more information to be submitted.
* If the evaluation is successful, a legal agreement related to DRM liabilities must be signed.
* The Developer Certificate will then be granted to you. Nokia will provide you with details of how to access the "Symbian Signed for Nokia" website where you can submit the application to be Symbian Signed.
* The testing will be performed against the Symbian Signed Test Criteria and Nokia's own test criteria.

After the application has passed "Symbian Signed for Nokia" testing it is Symbian Signed and the application will be available to download through your "Symbian Signed for Nokia" account.

The application must define the manufacturer ID (S60 Platform and device identification codes) in the PKG file so that it can only be installed to the devices from the same platform. It is also possible to limit the installation to a specific Nokia device or devices.

It is highly recommended that the part of the application which requires the above-mentioned Capabilities is packaged into a separate SIS file. This SIS file will have the required Capabilities and you can embed this SIS file in the main application SIS file in application distribution. This avoids going through Symbian Signed for Nokia testing when changes are made to the main application SIS file.

Sony Ericsson
* Request a Developer Certificate (Open Signed Offline) for any of the Capabilities AllFiles, DRM or TCB through the Symbian Signed site.
* The request is evaluated from a technical and commercial point of view by Sony Ericsson. For this request to be granted the developer should have a business contact within Sony Ericsson.
* Apply for Sony Ericsson channel access for Symbian Signed at http://developer.sonyericsson.com/wportal/devworld/page-not-found?cc=gb&lc=en .
* Submit the application and Capability Request Form. The Capability Request Form can be found at Symbian Signed Forms and Documents.
* Before submitting the application it must be signed with a Publisher ID. A Capability Request Form must also be submitted with the application since all applications are granted on a per application basis.
* The testing will be performed against the Symbian Signed Test Criteria and Sony Ericsson test criteria. If the application is targeted for a specific device this must also be specified in the PKG file.

After the application has passed "Symbian Signed for Sony Ericsson" testing it is Symbian Signed, and the application will be available through your 'Symbian Signed for Sony Ericsson' account.

Samsung

For details of how to get Device Manufacturer Capabilities for Samsung devices, contact [email protected] in the first instance.


App types that require sensitive Symbian capabilities

This article contains a non-exhaustive list of the sorts of applications that typically need to be granted sensitive platform security capabilities, along with information about the capabilities required and why.

Capabilities for known applications

Here is a non-exhaustive list of known applications and the needed capabilities. If you are developing an application that falls into a category listed here, you should prepare to apply for the listed capabilities when applying for a DevCert. In addition your application must pass both Symbian Signed. If any of the manufacturer-approved capabilities (TCB, DRM and/or AllFiles) are included, Nokia's test criteria must also be passed in order to receive the final Symbian Signed certification.

Note also that the capability reasoning given here is not self-sufficient when applying for the DevCert; you will need to provide detailed information on the APIs needing the mentioned capabilities. (Stating only that application XY needs TCB because this wiki page says so is not itself a good enough reason for getting TCB approval.)

Also, when making the DevCert request, it is strongly recommended that you scan your application code to see what other capabilities are really needed, and omit all unnecessary capabilities from your DevCert request. Doing so may reduce otherwise unnecessary steps when handling your request.

Capabilities for known applications - by type

* Firewall: CommDD, NetworkControl. Reasons: hook in IP stack, advanced connections management.
* Antivirus: AllFiles, TCB, DiskAdmin, CommDD. Reasons: read and write access to caged data (\sys, \resource, \private), virus definition file updates from the network. Note that an antivirus application needs to create file hooks, which cannot be implemented without a Symbian Platinum Partner development kit.
* Encryption: AllFiles, TCB, DiskAdmin. Reasons: read and write access to caged data (\sys, \resource, \private).
* Device management and device blocking: AllFiles, DiskAdmin, NetworkControl, CommDD, MultimediaDD. Reasons: read and write access to caged data (\sys, \resource, \private), managing connections, managing system resources.
* VoIP: NetworkControl, MultimediaDD. Reasons: full duplex audio (APS), low level IP protocol access.
* Network Monitoring: CommDD, NetworkControl. Reasons: protocol packets access, access to IAP tables.
* VPN: CommDD, NetworkControl. Reasons: access to protocol packets, tunneling secure data.
* HotSpot Framework: CommDD, NetworkControl. Reasons: access to protocol packets, tunneling secure data.

The following are examples of applications that in theory can need sensitive capabilities but do so only in rare circumstances, and thus need extra reasoning in order to be approved.

* Data call: CommDD, NetworkControl. Reasons: there are better ways to implement a data connection than a CSD data call.
* SIP application: NetworkControl. Reasons: enabling a SIP profile - not a common action of a SIP application.
* File browser application: DiskAdmin, AllFiles. Reasons: a file browser application that has access to all caged data will not get accepted, as it will jeopardize the Platform Security feature as such.

File access capabilities in general

Three caged locations in the file system need capabilities to access:
* \sys - AllFiles to read, TCB to write
* \resource - no caps to read, TCB to write
* \private - no caps for the process' own caged part; for other parts AllFiles is needed (read and write)

DLL loading requirements by DLL type

Message Type Modules:
* Client side MTMs
  * S60 3.0, 3.1: All - TCB (read: All minus TCB)
  * S60 3.2 onwards: only NetworkControl and DiskAdmin are needed.
* Server MTM: NetworkControl and DiskAdmin

BIO Messaging:
* BIO Parser: NetworkControl, DiskAdmin
* BIO Control plug-in: NetworkControl

FEP: All - TCB

Profile plug-in: All - TCB

Browser plug-in:
* S60 3.0, 3.1: DRM, NetworkControl
* S60 3.2 onwards: NetworkControl

Phonebook plug-in: NetworkControl

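As an added example (not from the post above, the wiki it quotes, or Symbian's own code), a small Python model of the three caging rules listed in "File access capabilities in general", plus a helper that works out the smallest set of file-access capabilities a set of file accesses actually needs, which is the kind of check the post recommends doing before a DevCert request. The secure ID and file paths are constructed; paths outside \sys, \resource and \private are treated as uncaged, which is an assumption the table does not spell out.

```python
"""Model of the Symbian data-caging rules as summarised on this page."""
from __future__ import annotations
import ntpath  # Symbian paths use drive letters and backslashes, like Windows

TCB = "TCB"
ALLFILES = "AllFiles"


def required_capability(path: str, write: bool, own_sid: str) -> str | None:
    """Capability a process with secure ID `own_sid` needs for one access.

    Rules from the page:
      \\sys       - AllFiles to read, TCB to write
      \\resource  - nothing to read, TCB to write
      \\private   - nothing for the process's own \\private\\<sid> directory,
                    AllFiles (read and write) for any other part
    Any other location is treated as uncaged (assumption, not on the page).
    Returns None when no capability is required.
    """
    _drive, rest = ntpath.splitdrive(path.replace("/", "\\"))
    parts = [p for p in rest.split("\\") if p]
    if not parts:
        return None
    top = parts[0].lower()
    if top == "sys":
        return TCB if write else ALLFILES
    if top == "resource":
        return TCB if write else None
    if top == "private":
        # Only the process's own caged directory is free to access.
        if len(parts) >= 2 and parts[1].lower() == own_sid.lower():
            return None
        return ALLFILES
    return None


def access_allowed(path: str, write: bool, own_sid: str, caps: set[str]) -> bool:
    """True if a process holding `caps` may perform the access."""
    need = required_capability(path, write, own_sid)
    return need is None or need in caps


def minimal_file_caps(accesses, own_sid: str) -> set[str]:
    """Smallest set of file-access capabilities covering every (path, write)
    pair in `accesses`; anything not in this set is a capability to omit
    from the DevCert request."""
    return {c for c in (required_capability(p, w, own_sid) for p, w in accesses) if c}
```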

Capabilities (Symbian Signed)/DiskAdmin Capability

The DiskAdmin capability is required to mount and dismount file systems, format media or get block level access to media with no filesystem mounted. This capability can be used with developer certificates and Symbian Signed tested applications.

"Why?": If misused, these APIs can corrupt or delete data.

"What?": This capability is mainly checked by the file server for low level operations, e.g. RFormat, RRawDisk.

"Where?": File managers that include an option to format the memory card. Disk utilities. For other examples see: Sensitive Applications.

Notes:
* These APIs may look like a back door to bypass TCB, but file systems with open files can't be dismounted. The system drive always has open files when running the full OS.


Capabilities (Symbian Signed)/AllFiles Capability

The AllFiles capability gives read access to the whole filesystem. It also gives write access to most of the file system (except /sys and parts of /resource, which require TCB). Notably, a program with AllFiles capability can read and write to any program's directory under /private. This capability is very strictly controlled and it is not granted lightly.

This capability is from the manufacturer-approved category. To use it in your application you need to obtain permission from the device manufacturer directly. See Device Manufacturer Capabilities (Symbian_Signed).

Why? The /private directory may contain sensitive information, e.g. saved passwords. Modifying another program's configuration or data files directly can cause incorrect behaviour - in the worst case, the phone stops working.

What? The file server checks this capability when a normally restricted path is accessed.

Where? The backup server needs AllFiles in order to be able to backup and restore /private. It is useful for debugging, so product creation tools often use it. In third-party applications it may be
