All MIDP applications are "untrusted" unless otherwise setup to have some explicit trust, this is done by giving each MIDlet suite it's own resources and not allowing access to or "see" other suites resources.
However, while restricting access to resources MIDP must also:
The first feature depends on the MIDletSuiteLoader
class and
SecurityToken
class. MIDletSuiteLoader
, being the
first class
running in the VM is implicitly trusted to create and issue
SecurityToken
objects to the internal classes that need them.
Restricted internal methods take a SecurityToken
as an extra
argument, which they check before performing their task. A "untrusted" MIDlet
cannot get a SecurityToken
object on its own so it will be
restricted.
The second feature is depends on the Scheduler
class,
MIDletSuite
interface, and Installer
class. The
Scheduler
is anchor of trust, from which a restricted public
method can get the interface to scheduled suite and check to see if the suite
is permitted perform the action. The Installer
class determines
if a suite is "trusted".