Symbian
Symbian Developer Library

SYMBIAN OS V9.4



ECom and the Platform Security Architecture

The Symbian OS Platform Security Architecture is designed to provide defences against malicious or badly implemented code. The following aspects of platform security are particularly relevant to the ECom plug-in architecture:

For more information on the Platform Security Architecture, see Symbian OS v9 Security Architecture in the Platform security section.



ECom and the platform security capability model

The Platform Security Architecture protects processes against loading and using DLLs that are less secure than the processes themselves. This is done using platform security capabilities assigned to the process and the DLL. The rule applied is that the DLL must have the same or greater capabilities than the process in which it is loaded.

With ECom, a plug-in is a DLL that is loaded into a client process when an interface implementation provided by that DLL is instantiated. If the plug-in DLL has lower capabilities than the loading process, then a "permission denied" (-46) error is returned. See How to troubleshoot plug-in loading errors for details of how to investigate this error.
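The loading rule above, modelled as a host-side check that can be run before installation (an added example, not code from the Symbian library and not using Symbian APIs). It assumes capability sets are written as in a project file's CAPABILITY statement; `ParseCaps`, `CheckPluginLoad` and the bitmask layout are hypothetical names and choices of this model.

```cpp
#include <cctype>
#include <cstdint>
#include <iostream>
#include <sstream>
#include <string>
#include <vector>
const int KErrNone = 0, KErrPermissionDenied = -46;  // -46 as quoted in the text
// Model only (not Symbian API code): v9 capability names, bit = table index.
static const char* const kCaps[] = {"TCB", "CommDD", "PowerMgmt", "MultimediaDD",
    "ReadDeviceData", "WriteDeviceData", "DRM", "TrustedUI", "ProtServ", "DiskAdmin",
    "NetworkControl", "AllFiles", "SwEvent", "NetworkServices", "LocalServices",
    "ReadUserData", "WriteUserData", "Location", "SurroundingsDD", "UserEnvironment"};
static const int kCapCount = sizeof(kCaps) / sizeof(kCaps[0]);
static std::string Lower(std::string s) {
    for (char& c : s) c = static_cast<char>(std::tolower(static_cast<unsigned char>(c)));
    return s;
}
// Parses a CAPABILITY value such as "ALL -TCB"; false on an unknown name, so a typo fails loudly.
bool ParseCaps(const std::string& value, uint32_t& caps) {
    std::istringstream in(value);
    caps = 0;
    for (std::string tok; in >> tok;) {
        const bool remove = tok[0] == '-';
        if (remove || tok[0] == '+') tok.erase(0, 1);
        tok = Lower(tok);
        uint32_t bits = 0;
        if (tok == "all") bits = (1u << kCapCount) - 1;
        else if (tok != "none") {
            for (int i = 0; i < kCapCount; ++i)
                if (tok == Lower(kCaps[i])) bits = 1u << i;
            if (bits == 0) return false;
        }
        caps = remove ? (caps & ~bits) : (caps | bits);
    }
    return true;
}
// The rule: the DLL must hold every capability of the loading process; 'missing' lists the gaps.
int CheckPluginLoad(uint32_t processCaps, uint32_t dllCaps, std::vector<std::string>& missing) {
    missing.clear();
    const uint32_t lacking = processCaps & ~dllCaps;
    for (int i = 0; i < kCapCount; ++i)
        if (lacking & (1u << i)) missing.push_back(kCaps[i]);
    return lacking ? KErrPermissionDenied : KErrNone;
}
int main() {  // constructed sample: the plug-in lacks one capability of its client
    uint32_t proc = 0, dll = 0;
    std::vector<std::string> missing;
    if (!ParseCaps("ReadUserData NetworkServices", proc) || !ParseCaps("NetworkServices", dll)) return 1;
    std::cout << CheckPluginLoad(proc, dll, missing) << " missing=" << missing.size() << "\n";
}
```

A plug-in built with more capabilities than its client passes the check, which is why plug-ins intended for many clients are usually given a broad capability set.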

Providers of plug-in DLLs must consider the following with respect to platform security capabilities:

Platform security also allows you to specify that clients should only use plug-in implementations supplied by a particular company. See How to filter implementations by vendor ID for more details.



Installation and upgrade controls

Under Platform Security, the Software Installer program controls what software is installed to the device. It enables programs originally delivered in ROM, including ECom plug-ins, to be upgraded securely.

Before platform security, applications could choose to use only ROM-based plug-ins. This guaranteed that the plug-ins were secure, but did not allow upgrades. Alternatively, both ROM-based and installed plug-ins were used, which allowed upgrades, but also risked the use of possibly insecure plug-ins.

Platform security improves this situation, as it allows clients to securely access both ROM-based plug-ins and any installed upgrades to those plug-ins. For more information on how clients can do this, see Using the ROM-only resolver.

Providers of ROM-based plug-ins should see How to upgrade ROM-based plug-ins securely.



File locations

The Platform Security architecture tightly controls access to executable code by:

The registration resource file for a plug-in must be readable by ECom, but should not be alterable after installation. For this reason, registration resource files are always installed to the read-only directory \resource\plugins.

To build plug-in code to these locations, set the target type in the project file to PLUGIN. For more information, see How to write an implementation collection's project file.