Categories: Platform Security | Testing | Signing and Certification | Application Signing

From Forum Nokia Wiki

S60 Platform / Device Manufacturer Capabilities

Here is a non-exhaustive list of known applications that need either Platform- or Device Manufacturer grantable capabilities. If you are developing an application that falls into a category listed here, you should prepare to apply for listed sensitive capabilities when applying for a DevCert. In addition your application must pass both Symbian Signed and Nokia test criteria in order to receive the final signature.

Note also, that the capability reasoning given here is not self sufficient when applying for the DevCert; you will need to provide detailed information on the APIs needing mentioned capabilities. (Stating only that application XY needs TCB because stated so on this wiki page, is not itself a good enough reason for getting TCB approval)

Also, when making the DevCert request, it is strongly recommended that you scan your application code to see what other (less sensitive) capabilities are really needed, and to omit all unnecessary capabilities from your DevCert request. Doing so may reduce otherwise unnecessary steps when handling your request.

Applications usually requiring manufacturer / platform caps - by type

Firewall
CommDD, NetworkControl

Reasons: Hook in IP stack, advanced connections management

Antivirus
AllFiles, TCB, DiskAdmin, CommDD

Reasons: Read & Write access to caged data (\sys, \resource, \private), virus definition file updates from network.

Note that antivirus application needs to create file hooks, which cannot be implemented without a Symbian Platinum Partner development kit.

Encryption
AllFiles, TCB, DiskAdmin

Reasons: Read & Write access to caged data (\sys, \resource, \private)

Device management & device blocking
AllFiles, DiskAdmin, NetworkControl, CommDD, MultimediaDD

Reasons: Read & Write access to caged data (\sys, \resource, \private), managing connections, managing system resources

VoIP
NetworkControl, MultimediaDD

Reasons: Full duplex audio (APS), low level IP protocol access

Network Monitoring
CommDD, NetworkControl

Reasons: Protocol packets access, access to IAP tables

VPN
CommDD, NetworkControl

Reasons: Access to protocol packets, tunneling secure data

HotSpot Framework
CommDD, NetworkControl

Reasons: Access to protocol packets, tunneling secure data

Following are examples of applications that in theory can need sensitive capabilities but do so only in rare circumstances, and thus need extra reasoning in order to be approved.

Data call
CommDD, NetworkControl

Reasons: There are better way to implement data connection that a CSD data call.

SIP application
NetworkControl

Reasons: Enabling a SIP profile – not a common action of a SIP application.

File browser application
DiskAdmin, AllFiles

Reasons: File browser application that has access to all caged data will not get accepted, as it will jeopardize the Platform Security feature as such.

File access capabilities in general
Three caged locations in the file system need capabilities to access:

\sys – AllFiles to read, TCB to write
\resource – no caps to read, TCB to write
\private – no caps for process’ own caged part, for other parts AllFiles is needed (read & write).

DLL loading requirements by DLL type

Message Type Modules:
Client side MTMs

• S60 3.0, 3.1 All –TCB (read: All minus TCB)
• S60 3.2 onwards only NetworkControl and DiskAdmin are needed.

Server MTM
NetworkControl and DiskAdmin

BIO Messaging:
BIO Parser
NetworkControl, DiskAdmin
BIO Control plug-in
NetworkControl

FEP
All –TCB

Profile plug-in
All –TCB

Browser plug-in

• S60 3.0, 3.1 DRM, NetworkControl
• S60 3.2 onwards NetworkControl

Phonebook plug-in
NetworkControl