1 // Copyright (c) 2001-2009 Nokia Corporation and/or its subsidiary(-ies).
2 // All rights reserved.
3 // This component and the accompanying materials are made available
4 // under the terms of the License "Eclipse Public License v1.0"
5 // which accompanies this distribution, and is available
6 // at the URL "http://www.eclipse.org/legal/epl-v10.html".
8 // Initial Contributors:
9 // Nokia Corporation - initial contribution.
14 // e32\include\e32capability.h
15 // Platform security capability definitions
16 // Used by both source code and tools
17 // This file can be directly included into C++ tools such as ROMBUILD to allow
18 // capabilities to be specified by name. To do the same for MAKMAKE (in MMP
19 // files) some perl code will be needed to parse this file and extract the
20 // capability names and values.
24 #ifndef __E32CAPABILITY_H__
25 #define __E32CAPABILITY_H__
28 An enumeration that defines the set of all supported capabilities.
36 Grants write access to executables and shared read-only resources.
38 This is the most critical capability as it grants access to executables and
39 therefore to their capabilities. It also grants write access to
40 the /sys and /resource directories.
46 Grants direct access to all communication device drivers. This includes:
47 the EComm, Ethernet, USB device drivers etc.
49 ECapabilityCommDD = 1,
55 - to kill any process in the system
56 - to power off unused peripherals
57 - to switch the machine into standby state
58 - to wake the machine up
59 - to power the machine down completely.
61 Note that this does not control access to anything and everything
62 that might drain battery power.
64 ECapabilityPowerMgmt = 2,
68 Grants direct access to all multimedia device drivers.
70 This includes the sound, camera, video device drivers etc.
72 ECapabilityMultimediaDD = 3,
76 Grants read access to network operator, phone manufacturer and device
77 confidential settings or data.
79 For example, the pin lock code, the list of applications that are installed.
81 ECapabilityReadDeviceData = 4,
85 Grants write access to settings that control the behaviour of the device.
87 For example, device lock settings, system time, time zone, alarms, etc.
89 ECapabilityWriteDeviceData = 5,
93 Grants access to protected content.
95 DRM (Digital Rights Management) agents use this capability to decide whether
96 or not an application should have access to DRM content.
97 Applications granted DRM are trusted to respect the rights associated
104 Grants the right to create a trusted UI session, and therefore to display
105 dialogs in a secure UI environment.
107 Trusted UI dialogs are rare. They must be used only when confidentiality
108 and security are critical; for example, for password dialogs.
110 Normal access to the user interface and the screen does not require
113 ECapabilityTrustedUI = 7,
117 Grants the right to a server to register with a protected name.
119 Currently, protected names start with a "!" character. The kernel prevents
120 servers without this capability from using such a name, and therefore
121 prevents protected servers from being impersonated.
123 ECapabilityProtServ = 8,
127 Grants access to disk administration operations that affect more than one
128 file or one directory (or overall filesystem integrity/behaviour, etc).
130 For examples, reformatting a disk partition.
132 ECapabilityDiskAdmin = 9,
136 Grants the right to modify or access network protocol controls.
138 Typically when an action can change the behaviour of all existing and
139 future connections, it should be protected by this capability.
141 For example, forcing all existing connections on a specific protocol
142 to be dropped, or changing the priority of a call.
144 ECapabilityNetworkControl = 10,
148 Grants read access to the entire file system; grants write access to
149 the private directories of other processes.
151 This capability is very strictly controlled and should rarely be granted.
153 ECapabilityAllFiles = 11,
157 Grants the right to generate software key & pen events, and to capture any
158 of them regardless of the status of the application.
160 Note that after obtaining the focus, normal applications do not need this
161 capability to be dispatched key and pen events.
163 ECapabilitySwEvent = 12,
167 A user capability that grants access to remote services without any
168 restriction on its physical location.
170 Typically, such a location is unknown to the phone user, and such services
171 may incur cost for the phone user.
173 Voice calls, SMS, and internet services are good examples of
174 such network services. They are supported by GSM, CDMA and all IP transport
175 protocols including Bluetooth profiles over IP.
177 ECapabilityNetworkServices = 13,
181 A user capability that grants access to remote services in the close
182 vicinity of the phone.
184 The location of the remote service is well-known to the phone user, and in
185 most cases, such services will not incur cost for the phone user.
187 ECapabilityLocalServices = 14,
191 A user capability that grants read access to data that is confidential to
194 This capability supports the management of the user's privacy.
196 Typically, contacts, messages and appointments are always seen user
199 ECapabilityReadUserData = 15,
203 A user capability that grants write access to user data.
205 This capability supports the management of the integrity of user data.
207 Note that this capability is not symmetric with the ECapabilityReadUserData
208 capability. For example, you may want to prevent rogue applications from
209 deleting music tracks but you may not want to restrict read access to them.
211 ECapabilityWriteUserData = 16,
215 A user capability that grants access to the location of the device.
217 This capability supports the management of the user's privacy with regard
218 to the phone location.
220 ECapabilityLocation = 17,
224 Grants access to logical device drivers that provide input information about
225 the surroundings of the device.
227 Good examples of drivers that require this capability would be GPS and biometrics
228 device drivers. For complex multimedia logical device drivers that provide both
229 input and output functions, such as Sound device driver, the MultimediaDD
230 capability should be used if it is too difficult to separate the input from the
231 output calls at its API level.
233 ECapabilitySurroundingsDD = 18,
237 Grants access to live confidential information about the user and his/her
238 immediate environment. This capability protect the user's privacy.
240 Examples are audio, picture and video recording, biometrics (such as blood
243 Please note that the location of the device is excluded from this capability.
244 The protection of this is achieved by using the dedicated capability Location
246 ECapabilityUserEnvironment = 19,
249 ECapability_Limit, /**< @internalTechnology */
251 ECapability_HardLimit = 255, /**< @internalTechnology */
253 ECapability_None = -1, /**< Special value used to specify 'do not care' or 'no capability'.*/
255 ECapability_Denied = -2 /**< Special value used to indicate a capability that is never granted. */
259 /** Define this macro to reference the names of the capabilities. This is here so
260 that ROMBUILD can accept capability names.
262 #ifdef __REFERENCE_CAPABILITY_NAMES__
264 extern const char* const CapabilityNames[ECapability_Limit];
266 #endif // __REFERENCE_CAPABILITY_NAMES__
268 /** Define this macro to include the names of the capabilities. This is here so
269 that ROMBUILD can accept capability names.
271 #ifdef __INCLUDE_CAPABILITY_NAMES__
273 /** List of names of all supported capabilities
274 Must be in the same order as the enumerators in TCapability
279 extern const char* const CapabilityNames[ECapability_Limit] =
303 #endif // __INCLUDE_CAPABILITY_NAMES__
305 #endif // __E32CAPABILITY_H__