Uploaded image for project: 'Qt Mobility'
  1. Qt Mobility
  2. QTMOBILITY-743

Many QtMobility binaries are given unnecessary PlatSec capabilities on Symbian

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Out of scope
    • Icon: P2: Important P2: Important
    • None
    • 1.0.1
    • Build System
    • None

      The rules for deciding which PlatSec capabilities to assign to a given binary (via the TARGET.CAPABILITY qmake variable) are basically:

      1. DLLs (including plugins) should have 'ALL -TCB'
      2. Executables should have the minimum set of capabilities which they require. This means 'the union of capabilities demanded by the APIs called by the process, whether called directly or by one of the DLLs which the executable loads'

      When building a self-signed SIS file, the Qt toolchain patches the binaries going into it, to remove any capabilities not in the User Capabilities group. If the .pro file contains capabilities which are in the System Group, SIS creation fails.

      Many of the executables (examples, demos, tests) in QtMobility are granted unnecessary capabilities. For example, almost all of the auto tests are granted 'ALL -TCB' which means that they cannot be self-signed. The attached file capability.txt shows the result of a very quick scan across the codebase.

      A more thorough review should be carried out, to look at the capabilities assigned to each executable, and to reduce this to the minimum set required.

        1. capability.txt
          22 kB
          Gareth Stockwell
        No reviews matched the request. Check your Options in the drop-down menu of this sections header.

            wbeck Wolfgang Beck (closed Nokia identity) (Inactive)
            gastockw Gareth Stockwell
            Votes:
            0 Vote for this issue
            Watchers:
            0 Start watching this issue

              Created:
              Updated:
              Resolved:

                There are no open Gerrit changes