Wiley.Developing.Software.for.Symbian.OS.2nd.Edition.Dec.2007 (779887), page 43
See the Symbian OS Library documentation in the SDK for more information.

6.9 Other Data Collection Classes

Symbian OS provides a wide assortment of data collection structures. They are too numerous to cover here, but the following is a useful subset.

6.9.1 Linked Lists

Class TDblQue<class T> can be used to create a doubly linked list of objects of type T. The class T must have a member variable of type TDblQueLink, which holds the forward and backward list pointers.
When you construct the TDblQue, you pass the offset of the TDblQueLink member variable to the constructor, normally using the _FOFF macro. Here is an example declaration:

class CMyObj : public CBase
    {
    ...
    TDblQueLink iLink;
    ...
    };

...
/* construct list, supply offset of link member variable */
TDblQue<CMyObj> linkList(_FOFF(CMyObj,iLink));

Objects are added to the linked list with AddFirst() and AddLast(), which add to the beginning and end of the list respectively. First() and Last() return pointers to the first and last elements of the list. Check IsEmpty() before using them: on an empty list the returned pointer is not guaranteed to be NULL and must not be dereferenced.
To insert and delete items at a point in the middle of the list, use the link member's TDblQueLink::Enque() and TDblQueLink::Deque() methods respectively: Enque() inserts the link after a given link, and Deque() removes the link from whichever list it is in. You can create an iterator over the list as follows:

TDblQueIter<CMyObj> iter(linkList);

The iterator's ++ and -- operators traverse the list forwards and backwards, returning a pointer to the current item, and NULL once the end of the list has been passed. A singly linked list is available via the TSglQue<class T>, TSglQueLink and TSglQueIter<class T> classes.

6.9.2 Circular Buffers

Use CCirBuf<class T> to create a circular buffer of objects of type T.
Use TInt Add(const T* aPtr) to copy the object pointed to by aPtr into the buffer. Items are removed with TInt Remove(T* aPtr), which copies the data at the current retrieve position in the buffer to the object pointed to by aPtr. Data is extracted in first in, first out order. Before adding anything to the circular buffer, SetLengthL() must be called to set the maximum number of items the buffer can hold.
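The two structures described in 6.9.1 and 6.9.2, as an added example that is not code from the book or from Symbian OS: a stand-alone C++ rendering of the same patterns that builds without the Symbian SDK. The names DblQue, DblQueLink, DblQueIter and CirBuf, and the FOFF macro, are assumed stand-ins for TDblQue, TDblQueLink, TDblQueIter, CCirBuf and _FOFF; the interfaces mirror those the text describes (offset-based link lookup, Enque/Deque on the link, an iterator whose ++ and -- return item pointers, a fixed-length FIFO whose Add() returns 0 when full) but they are not the Symbian implementations.

```cpp
// Added example (not Symbian's own code): stand-alone C++ rendering of the
// TDblQue/TDblQueLink/TDblQueIter and CCirBuf patterns; FOFF stands in for _FOFF.
#include <cstddef>
#include <cstdint>
#include <initializer_list>
#include <utility>
#include <vector>

struct DblQueLink {                         // TDblQueLink: pointers live in the element
    DblQueLink* iNext = nullptr;
    DblQueLink* iPrev = nullptr;
    void Enque(DblQueLink* aLink) {         // insert this link after aLink
        iNext = aLink->iNext; iPrev = aLink;
        aLink->iNext->iPrev = this; aLink->iNext = this;
    }
    void Deque() {                          // unlink (only valid while in a list)
        iPrev->iNext = iNext; iNext->iPrev = iPrev; iNext = iPrev = nullptr;
    }
};
#define FOFF(c, f) offsetof(c, f)

// TDblQue: circular list through a sentinel head; the stored byte offset converts
// between an object and the link embedded in it, so any member name works.
template <class T> class DblQue {
public:
    explicit DblQue(std::size_t aOffset) : iOffset(aOffset) { iHead.iNext = iHead.iPrev = &iHead; }
    bool IsEmpty() const { return iHead.iNext == &iHead; }
    void AddFirst(T& aObj) { Link(aObj)->Enque(&iHead); }
    void AddLast(T& aObj)  { Link(aObj)->Enque(iHead.iPrev); }
    T* First() const { return IsEmpty() ? nullptr : Obj(iHead.iNext); }
    T* Last()  const { return IsEmpty() ? nullptr : Obj(iHead.iPrev); }
    DblQueLink* Link(T& aObj) const {
        return reinterpret_cast<DblQueLink*>(reinterpret_cast<std::uint8_t*>(&aObj) + iOffset);
    }
    T* Obj(DblQueLink* aLink) const {
        return reinterpret_cast<T*>(reinterpret_cast<std::uint8_t*>(aLink) - iOffset);
    }
    DblQueLink iHead;
    std::size_t iOffset;
};

// TDblQueIter: iter++ / iter-- return the current item and step on, yielding
// nullptr once the sentinel is reached (the usual loop terminator).
template <class T> class DblQueIter {
public:
    explicit DblQueIter(DblQue<T>& aQue) : iQue(aQue), iCur(aQue.iHead.iNext) {}
    void SetToLast() { iCur = iQue.iHead.iPrev; }
    T* operator++(int) { return Step(true); }
    T* operator--(int) { return Step(false); }
private:
    T* Step(bool aFwd) {
        if (iCur == &iQue.iHead) return nullptr;
        T* obj = iQue.Obj(iCur); iCur = aFwd ? iCur->iNext : iCur->iPrev; return obj;
    }
    DblQue<T>& iQue;
    DblQueLink* iCur;
};

// CCirBuf: capacity fixed by SetLength() before any Add(); Add() returns 0 when
// full and Remove() returns 0 when empty, so callers must check the result.
template <class T> class CirBuf {
public:
    void SetLength(int aLength) { iBuf.assign(aLength, T()); iHead = iTail = iCount = 0; }
    int Length() const { return static_cast<int>(iBuf.size()); }
    int Add(const T* aPtr) {
        if (iCount == Length()) return 0;
        iBuf[iTail] = *aPtr; iTail = (iTail + 1) % Length(); ++iCount; return 1;
    }
    int Remove(T* aPtr) {                   // oldest item first (FIFO)
        if (iCount == 0) return 0;
        *aPtr = iBuf[iHead]; iHead = (iHead + 1) % Length(); --iCount; return 1;
    }
private:
    std::vector<T> iBuf;
    int iHead = 0, iTail = 0, iCount = 0;
};

struct CMyObj { int iValue; DblQueLink iLink; };   // link member inside the object

// Build a b c, Deque() b from the middle, Enque() d after a, then report the
// values the iterator yields walking forwards: expected {1, 4, 3}.
std::vector<int> ListDemo() {
    DblQue<CMyObj> list(FOFF(CMyObj, iLink));
    CMyObj a{1}, b{2}, c{3}, d{4};
    list.AddLast(b); list.AddLast(c); list.AddFirst(a);   // a b c
    b.iLink.Deque();                                      // a c
    d.iLink.Enque(&a.iLink);                              // a d c
    std::vector<int> seen;
    DblQueIter<CMyObj> iter(list);
    while (CMyObj* p = iter++) seen.push_back(p->iValue);
    return seen;
}

// Add four items to a three-slot buffer and drain it. Returns {number of refused
// Add() calls, drained values oldest first}: expected {1, {10, 20, 30}}.
std::pair<int, std::vector<int>> CirBufDemo() {
    CirBuf<int> buf;
    buf.SetLength(3);
    int refused = 0;
    for (int v : {10, 20, 30, 40}) if (buf.Add(&v) == 0) ++refused;   // 40 is refused
    std::vector<int> out;
    for (int v; buf.Remove(&v); ) out.push_back(v);
    return {refused, out};
}
```

ListDemo() walks an a b c list, removes b with Deque(), inserts d after a with Enque() and yields {1, 4, 3}; CirBufDemo() shows the fourth Add() into a three-slot buffer being refused while the first three items drain in FIFO order. The offset trick is what lets one list class serve any member name, and it is also why the link must be a plain data member of the listed object: Obj() simply subtracts the offset from the link address, so a link stored anywhere else would yield a pointer to the wrong memory.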
If the buffer fills up because data is not removed quickly enough (via Remove()), the next Add() call returns 0, indicating that the item could not be added; check this return value rather than assuming the copy succeeded. Similarly, Remove() returns 0 when the buffer is empty.

7 Platform Security and Symbian Signed

Open platforms like Symbian OS enable a large selection of software to be developed and made available to users from many different sources. However, too much 'openness' can be a risk both to the functionality of the device and to private data. A malicious software developer, for example, could wipe out important data on a device, or call functions that disable features of the phone. Granted, smartphones are more secure than PCs in some ways, since the operating system itself is built into Read Only Memory (ROM) and is therefore recoverable by performing a hard reset, which a user can usually do without sending the phone back to the manufacturer. However, an attack could still be disruptive, since a hard reset causes all the user's data to be lost.
The phone could also be vulnerable to an application that claims to perform one function but instead makes phone calls, sends text messages, or otherwise uses the data network by stealth, leading to unexpected and potentially large service bills. And it's not just malicious software a user needs to worry about: a phone's functionality can also be compromised unintentionally by poorly written software.

Customers expect smartphones to be highly reliable, and their private information to remain private. To address this, Symbian introduced a major feature in Symbian OS v9 known as 'platform security', whereby large changes were made to the core of the OS to support vital concepts such as data protection and to restrict certain APIs to code that can be deemed 'trusted'.

7.1 What is Platform Security?

Platform security has a simple goal: to keep out the kinds of intentionally rogue software, or 'malware', that plague the PC world.
The mechanisms on which platform security is built, and the software testing steps that form part of the signing process, also provide a degree of application robustness as well as generally raising the code quality bar. Platform security restricts unauthorized access to sensitive APIs that can cause bad things to happen in the device, whether maliciously or unintentionally. It also provides features that prevent an application from accessing the data of other applications, and that prevent access to the areas of the file system storing installed executable binaries and configuration files, thus stopping tampering.
A secondary goal of platform security is to maintain the platform's openness as much as possible while keeping it secure. Platform security consists of both an architecture and a process. The platform security architecture is the technical infrastructure by which Symbian OS secures itself.
This includes specifying and classifying the various levels of trust of the software, and strictly enforcing access restrictions based on how much trust is granted.

The platform security process, known as the Symbian Signed process, provides a way for a developer to get a level of trust granted to an application. It consists of a procedure for submitting application software for testing, specifying the requested level of trust, and providing evidence that the application can be trusted to behave appropriately when using the restricted functionality.
Upon approval by Symbian (and in some cases the phone manufacturer), the software is digitally signed with a trusted Symbian certificate, so that it can then be installed and run on devices with the requested level of trusted access to the system. Having this signature is known as being Symbian Signed. If the software is not Symbian Signed but uses API(s) that require signing, it will not be installable on the device.

Note that many applications still do not require access to restricted APIs and thus can be developed without being Symbian Signed.
These applications can be built and installed right away on smartphones, as with previous Symbian OS versions. However, you still need to understand platform security to know the limitations of such an application, such as which system functions it can access, and how to go through the application signing process should it later be required.

This chapter describes the Symbian Signed process in detail in section 7.5.2, but first discusses the main concepts of Symbian OS platform security.

7.2 What Platform Security is Not

Since the term 'security' is a broad one, it's best to emphasize at this point what platform security does not cover.
Platform security does not detect and remove viruses (although it does make it harder for a virus to operate, since software must be Symbian Signed to access sensitive areas), nor does it include network protection (e.g., a firewall or VPN). Platform security does not include any cryptographic functionality such as encrypting files on disk (although, as mentioned, cryptographic signing is used to identify applications approved by the Symbian Signed process). Platform security basically provides protection for the sensitive device functions that an application can control, including ones that can access private data, and provides a system for assigning trust to every executable binary file.

7.3 What this Means to a Developer

There's no doubt that platform security has put extra work on developers that was not there for previous versions of Symbian OS.
Inevitably, public discussions have focused on the negatives. Platform security introduces significant system-wide changes, and signing imposes new requirements on developers. The upshot is more work, more complexity, more pain.

The good news is that since the publication of Craig Heath's book Symbian OS Platform Security, developers have access to an authoritative introduction to platform security on Symbian OS, complete with How-Tos covering all the major use cases: writing apps, writing servers, writing plug-ins, sharing data.
It may not make the evolution to platform security trivial, but it makes it doable.

But above all, Heath makes the positive arguments about platform security persuasively. Market building is an essential dimension of platform security and Symbian Signed; an important part of their intent is to create willingness amongst users to download software, and that, after all, is what an open operating system is all about.

There are still many applications that can be developed that do not touch the sensitive functions identified by platform security, and thus do not need to go through this process, although some may still choose to, as I'll describe later in section 7.5.1.

Let's begin our discussion of platform security with the basic 'atoms' of trust defined by Symbian OS: capabilities.

7.4 Capabilities for API Security

Platform security divides sensitive operating system functions into 20 named sets known as capabilities.
You can think of each capability as a box of functions with a combination lock on it. An application can be given the combination for as many of these boxes as it is approved to use. In this way, capabilities provide fine-grained control over API security.

For an application to obtain a particular capability and use the protected functionality (i.e., for it to get the 'combination') it must be authorized. The Symbian Signed program is the authority that grants authorization, although phone manufacturers may also be involved where access to particularly sensitive functionality is requested.

Capabilities are assigned at the process level (i.e., to EXE files) and are specified using the CAPABILITY keyword in an MMP build file, as I'll show in more detail in section 7.4.7. DLLs carry a capability set too, but it only governs loading: a process can load a DLL only if the DLL holds at least every capability the process has, so a library can never lend its own capabilities to a less trusted executable.