Common Design Patterns for Symbian OS: The Foundations of Smartphone Software
by Adrian A. I. Issott
7.4. Cradle
Intent
Host DLL plug-ins in separate processes, operating at different levels of trust to your own, to securely increase the flexibility of your architecture whilst maintaining communication with each plug-in.
AKA
None known
7.4.1. Problem
7.4.1.1. Context
You need to provide a secure extension point in your component that supports extensive communication between the framework and the plug-ins whilst not overly restricting the plug-in providers.
7.4.1.2. Summary
Architectural extensibility has to be provided.
The potential damage caused by plug-ins needs to be limited by minimizing the capabilities they execute with (principle of least privilege).
It's desirable that the restrictions on who can provide plug-ins are as light as possible.
You wish to allow plug-ins to operate with a different set of capabilities than the framework.
You need to support a full communication channel between the framework and the plug-ins after the plug-ins have been loaded.
7.4.1.3. Description
If you're reading this pattern then you've probably tried to get Buckle (see page 252) to work, but found that it doesn't solve this problem because you need to allow the plug-ins to operate at a different level of trust to the framework.
Quarantine (see page 260) is an alternative that does allow plug-ins to operate at a different level of trust to the framework, but it only directly supports very simple, one-shot communication between the framework and each plug-in; in this context, ...