MMAPI and the MIDP Security Model
For reasons of privacy the following Mobile Media API calls are restricted under the MIDP 2.0 security model (see Mobile Media API Specification 1.1 Maintenance Release at http://jcp.org.)
• RecordControl.setRecordLocation(String locator)
• RecordControl.setRecordStream(OutputStream stream)
• VideoControl.getSnapshot(String type).
Under the MIDP 2.0 security model, a signed MIDlet suite which contains MIDlets that make use of these APIs must explicitly request the appropriate permission in its MIDlet-Permissions attribute. The required MIDlet-Permissions attribute entries in the JAD file or manifest are as follows:
MIDlet-Permissions: javax.microedition.media.control.RecordControl, or:
MIDlet-Permissions:
javax.microedition.media.control.VideoControl.getSnapshot, ...
These protected APIs are part of the Multimedia Recording function group as defined by the Recommended Security Policy for GSM/UMTS Compliant Devices addendum to the MIDP 2.0 specification.
It must also be remembered that if a MIDlet in a signed MIDlet suite makes use of a protected API of the javax.microedition.io package, for instance to fetch media content over HTTP, then explicit permission to access that API must be requested in the MlDlet-Permissions attribute. This is the case even if it is fetched implicitly, perhaps by calling:
Manager.createPlayer("www.myserver.com/video.3gp")
Whether MIDlets in untrusted MIDlet suites can use the protected APIs of the MMAPI depends on the security policy relating to the untrusted domain in force on the device. Under the JTWI Release 1 Security Policy for GSM/UMTS Compliant Devices, MIDlets in untrusted MIDlet suites can access the Multimedia Recording function group APIs with explicit permission from the user. The default user permission setting is oneshot (''Ask every time'').
Current devices based on the MIDP 2.0-enabled Series 60 Developer Platform 2.0, such as the Nokia 6600, support both audio recording and capturing snapshots. The security policy for the untrusted domain on this device complies with the JTWI Release 1 requirements. Note that on the Nokia 6600, the user may change the default user permission from oneshot to session (''Ask first time'') in the following manner (see Figure 3.28):
1. Navigate to the main menu.
2. Select the Application Manager.
3. Highlight the appropriate MIDlet from the list of applications.
4. Select Options > Settings > Multimedia.
Devices based on the MIDP 1.0-enabled Series 60 Developer Platform 1.x, such as the Nokia 3650, only support the capture of snapshots. Obviously such devices are not subject to the MIDP 2.0 security requirements. Taking photos using the getSnapshot() method of the VideoCon-trol does not require explicit user permission on these devices.
- Figure 3.28 Changing the default user permission on the Nokia 6600.
Post a comment