Understanding Windows Mobile Application Security Policies

Oct 15, 2010 | 42Gears Team

Execution of programs on Windows Mobile devices depends on the application signatures and their permission levels. Devices can be configured to the following security settings.

    • Security off

Unsigned applications are allowed to run without any prompt and they can access privileged APIs, or protected areas of the registry and file system.

    • One-tier prompt

The device prompts the user before executing unsigned applications. Once the user allows the execution, application has no restriction on permissions. This is usually safe if you trust the application developer or vendor.

    • Two-tier prompt

The device prompts the user before executing unsigned applications. If the user allows an unsigned application to execute, the application executes with normal permissions but cannot access privileged APIs, or protected areas of the registry and file system. Even the signed applications cannot access the privileged resources unless they are signed with a certificate in the privileged certificate store.

    • Mobile2Market locked

Only signed applications are allowed to execute. Unsigned applications don’t prompt the user when executed. Permissions given to signed applications depend on the certificate with which they were signed i.e. signed with certificate from the privileged certificate store or the normal certificate store.

Exclusive News and Updates on Enterprise Mobility!

Subscribe for our free newsletter

Thank you! you are successfully subscribed.
Please enter a valid official email
* I consent to receive newsletters via email from 42Gears and its Affiliates.
Please agree
* I have reviewed and agreed to 42Gears Privacy Policy and Terms of Use prior to subscribing and understand that I may change my preference or unsubscribe at any time.
Please agree

chat