Developers guidelines Signing applications
If a VID value other than 0 is to be used, it is specified in the .MMP file of the application. VID values must not be specified for unsigned applications.
Data caging
Data caging was introduced in Symbian OS v9 to prevent one application from overwriting data belonging to another application.
The file system has the following structure:
•\sys : This is the restricted system area which is only accessible for highly trusted system processes.
•\sys\bin : Holds all executables such as EXEs, DLLs and
•\private : Each application has its own private view of the file system consisting of \private\<SID>\. This folder is only accessible by the application itself, the software installation program and applications trusted with capabilities on the highest level (granted by the phone manufacturer).
•\resource : A public,
\resource\apps.
Other directories are public and can be read from or written to by any program.
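The access rules above can be expressed as a small decision function. This is an added example in portable C++, not code from the original guidelines or from Symbian OS. The type and function names are hypothetical, the software installer is modelled as a highly trusted process, SID directories are assumed to be named with eight hex digits, and \resource is assumed to be read-only for ordinary processes.

```cpp
#include <algorithm>
#include <cctype>
#include <cstdint>
#include <sstream>
#include <string>
#include <vector>

// Hypothetical model types; the installer is modelled as HighlyTrusted.
enum class Trust { Ordinary, HighlyTrusted };
enum class Op { Read, Write };
struct Process { uint32_t sid; Trust trust; };

// Split on '\', drop the drive letter, lower-case (paths are case-insensitive).
static std::vector<std::string> components(const std::string& path) {
    std::vector<std::string> out;
    std::string part;
    std::istringstream in(path);
    while (std::getline(in, part, '\\')) {
        if (part.empty() || (part.size() == 2 && part[1] == ':')) continue;
        std::transform(part.begin(), part.end(), part.begin(),
                       [](unsigned char ch) { return (char)std::tolower(ch); });
        out.push_back(part);
    }
    return out;
}

// True when `name` is an 8-hex-digit SID directory equal to `sid` (assumed naming).
static bool isOwnSidDir(const std::string& name, uint32_t sid) {
    if (name.size() != 8 || !std::all_of(name.begin(), name.end(),
            [](unsigned char ch) { return std::isxdigit(ch) != 0; }))
        return false;
    return std::stoul(name, nullptr, 16) == sid;
}

bool dataCagingAllows(const Process& p, Op op, const std::string& path) {
    const std::vector<std::string> c = components(path);
    const bool trusted = p.trust == Trust::HighlyTrusted;
    if (c.empty()) return true;                       // drive root: public
    if (c[0] == "sys") return trusted;                // restricted system area
    if (c[0] == "resource")                           // assumption: read-only
        return op == Op::Read || trusted;             // for ordinary processes
    if (c[0] == "private")                            // own \private\<SID>\ only
        return trusted || (c.size() > 1 && isOwnSidDir(c[1], p.sid));
    return true;                                      // other directories: public
}
```

The comparison is made on whole path components, so a look-alike directory such as \private2 is treated as an ordinary public directory rather than as part of the cage.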
Unsigned - sandboxed applications
Unsigned applications are applications that have not been authorized through any signing process. Unsigned applications are allowed access to all unrestricted APIs and a small number of restricted APIs. Such applications are often referred to as “Unsigned - Sandboxed”, which implies that they have access to a limited number of APIs (the sandbox).
Unsigned - sandboxed applications using any of the restricted APIs still need to be authorized by the user at install time. When the application is installed on the phone, the user is prompted to accept that the application is granted “blanket” permissions to any functions that it requires. If the user accepts, the application is granted permission to the functions as long as it is installed in the phone. If the user rejects, the installation is aborted.
Some capabilities can only be granted
10 | October 2006 |