Scott
Wed Nov 08 18:45:57 CST 2006
Also, your conclusion is correct.
--
Scott Yost
Software Development Engineer/Test
Microsoft Corp.
This posting is provided "AS IS" with no warranties, and confers no rights.
"Nino Benvenuti" <NinoBenvenuti@discussions.microsoft.com> wrote in message
news:0915F00C-AB61-4433-BDF9-7205E3504CF1@microsoft.com...
> Here are some materials on WM5 security:
>
>
http://msdn2.microsoft.com/en-us/library/ms839681.aspx
>
>
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/mobilesdk5/html/wce51conwindowsmobiledevicesecuritymodel.asp
>
>
http://blogs.msdn.com/windowsmobile/archive/2005/12/17/security_model_faq.aspx
>
>
http://blogs.msdn.com/marcpe/archive/2006/10/24/windows-mobile-5-0-role-security.aspx
>
> There have also been a number of discussions about this in this group, so
> a
> search of the archives would likely be helpful as well.
>
> --
> Nino Benvenuti
> Device Application Development MVP
>
http://nino.net/blog
>
>
> "ID" wrote:
>
>> Hi,
>>
>> When a new application is going to be executed, WM does the code
>> signing verification and ask the user to run or not the application
>> (i.e. "The program if from an unknown publisher. Running it can
>> possibly harm your device. Do you want to continue?"). If the user
>> accepts to run the application, WM is not going to ask again if the
>> user want to run the application. However, if the application is
>> modified (i.e. changing a bit of the binary file), WM ask you again the
>> same question, as the application were new.
>> My conclusion is that WM keeps a database with the integrity hash of
>> each application the user have accepted to run, maybe in the system
>> registry.
>>
>> Can somebody explain me how this verification works in WM5 or where to
>> find information about it?
>>
>> Thanks,
>> ID
>>
>>