The following table, Comparison of capabilities,shows how the capabilities are divided.
|
Unrestricted
|
User-grantable
(at
installation time)
|
Symbian
Signed
|
Manufacturer
approval
|
|
60% of
APIs
|
ReadUserData
WriteUserData
NetworkServices
LocalServices
UserEnvironment
Note:
Implementation may vary between devices.
|
The
user-grantable
capabilities
+
|
Symbian
Signed
capabilities
+
|
|
Declarative:
Location
ReadDeviceData
WriteDeviceData
PowerMgmt
SurroundingsDD
ProtServ
TrustedUI
SwEvent
|
DRM
TCB
|
|
Capability
Request Form & Platform approval:
DiskAdmin
AllFiles
CommDD
MultiMediaDD
NetworkControl
|
Table:
Comparison of capabilities
The following table, Description of capabilities, provides more information on what the separate capabilities mean in practice.
|
|
Capability
|
Description
|
|
1
|
NetworkServices
|
This capability is for, e.g., dialing a number or sending a text message.
|
|
2
|
LocalServices
|
This capability is for sending or receiving information through USB, IR, and point-to-point Bluetooth profiles.
|
|
3
|
ReadUserData
|
Grants read access to user data. System servers and application engines are free to grant this restriction level to their data.
|
|
4
|
WriteUserData
|
Grants write access to user data. Again, system servers and application engines are free to grant this restriction level to their data.
|
|
5
|
Location
|
Grants
access to the location of the phone.
|
|
6
|
UserEnvironment
|
Grants access to live confidential information about the user and his/her immediate environment.
|
|
7
|
PowerMgmt
|
Grants the right to kill any process in the system or to switch machine state (turn the phone off).
|
|
8
|
MultimediaDD
|
Controls access to all multimedia device drivers (sound, camera, etc.).
|
|
9
|
ReadDeviceData
|
Grants read access to sensitive system data.
|
|
10
|
WriteDeviceData
|
Grants write access to sensitive system data.
|
|
11
|
DRM
|
Grants access to protected content.
|
|
12
|
TrustedUI
|
This capability differentiates “normal” applications from “trusted”
applications. If a trusted application is displaying something on
the screen, a normal application cannot fake it.
|
|
13
|
ProtServ
|
Grants the right to a server to register with a protected name. Protected names start with an Ò!Ó (exclamation point). The
kernel will prevent servers without ProtServ capability
from using such a name, and therefore will prevent protected
servers from being impersonated.
|
|
14
|
NetworkControl
|
Grants the right to modify or access network protocol controls.
|
|
15
|
SwEvent
|
Grants the
right to generate and capture software key and pen events.
|
|
16
|
SurroundingsDD
|
Grants access to logical device drivers that provide input information about the surroundings of the phone.
|
|
17
|
TBC
|
Grants access to /sys and /recourse directories in the phone.
|
|
18
|
CommDD
|
Grants access to communication device drivers.
|
|
19
|
DiskAdmin
|
Grants the right to disk administration functions, such as formatting a drive.
|
|
20
|
AllFiles
|
Grants visibility to all files in the system and extra write access to
files under /private.
|
Table:
Description of capabilities
As described earlier, some capabilities are granted by the device’s manufacturer. The manufacturer will use its discretion before granting the capabilities. Usually strong enough business reasoning is sufficient to gain the capabilities.
For a developer to be able to get manufacturer capabilities for the application, it is necessary to contact the manufacturer in
question for more details.
