Capabilities (Symbian Signed)/TCB Capability
The TCB (Trusted Computing Base) platform security capability protects the core set of processes that enforce security on the rest of the platform.
Applications that wish to use this capability must first obtain permission from the device manufacturer.
- Device Manufacturer Capabilities - see this article for information about device manufacturer capabilities
- Sensitive Applications - see this article for examples of application types that may need TCB. Note that it is unlikely that any new process will be given TCB, with the exception of debug tools used during product creation.
- A trusted computing base is the foundation of any secure system.
- The \sys and \resource directories are protected, because process capabilities are encoded in the executable header.
- Certificates are checked at install time by the software installer, rather than at load time by the loader.
- TCB allows write access to the \sys and \resource directories. This is the most critical capability, as it allows write access to executables, which contain the capabilities that define the security attributes of a process.
- The file server checks TCB capability when a process attempts to access \sys or write to \resource.
- The kernel and device drivers check TCB capability on certain APIs intended for use by the file server.
- The kernel has TCB capability because code running in kernel mode can access the whole system.
- The file server has TCB capability because it is responsible for enforcing security of the file system.
- The software install server has TCB capability because it needs to write to \sys and \resource when installing software.
- Device drivers need TCB because they are loaded into the kernel process and run in kernel mode.
- File server plugins (extensions and filesystems) need TCB because they are loaded into the file server process.
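
The file server rule listed above (TCB for any access to \sys and for writes to \resource), as an added example that is not Symbian's own code: a simplified C++ model that canonicalises the path before deciding whether TCB is required, so that separator, case, drive-letter and `..` variants cannot sidestep the check. The names `requiresTcb` and `tcbPermits` are hypothetical, case-insensitive matching is an assumption, and only the TCB rule as stated on this page is modelled.

```cpp
#include <cctype>
#include <string>
#include <vector>

enum class Access { Read, Write };

// Split a path into lower-cased components, accepting '\' or '/' as the
// separator, dropping a leading drive letter ("C:") and resolving "." / "..".
static std::vector<std::string> components(const std::string& path) {
    std::string p = path;
    if (p.size() >= 2 && std::isalpha(static_cast<unsigned char>(p[0])) && p[1] == ':')
        p.erase(0, 2);
    std::vector<std::string> out;
    std::string cur;
    auto flush = [&]() {
        if (cur == "..") { if (!out.empty()) out.pop_back(); }
        else if (!cur.empty() && cur != ".") out.push_back(cur);
        cur.clear();
    };
    for (char c : p) {
        if (c == '\\' || c == '/') flush();
        else cur += static_cast<char>(std::tolower(static_cast<unsigned char>(c)));
    }
    flush();
    return out;
}

// Model of the rule stated above: any access under \sys, and writes under
// \resource, require TCB. The match is on the whole first component, so
// "\sysfoo" or "\system" are not treated as "\sys".
bool requiresTcb(const std::string& path, Access access) {
    const std::vector<std::string> c = components(path);
    if (c.empty()) return false;
    if (c[0] == "sys") return true;
    if (c[0] == "resource") return access == Access::Write;
    return false;
}

// Outcome of the TCB rule alone: the request passes unless TCB is required
// and the caller lacks it. Other capability checks are out of scope here.
bool tcbPermits(const std::string& path, Access access, bool callerHasTcb) {
    return callerHasTcb || !requiresTcb(path, access);
}
```
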