Gears security considerations

The BlackBerry® Browser is designed to prevent the databases of one Gears™ application from accessing the databases of another application. Gears applications on the BlackBerry Browser can access only those resources with the same scheme, domain, and port number, as the application.

The BlackBerry Browser creates a database for an application in a domain-specific subfolder within a Gears-specific folder. For example, for a Gears application located at www.mycompany.com/gearsapp, the browser creates a database in the following location on a media card:

/BlackBerry/system/appdata/rim/gears/mycompany/com

An application can access a database only by using path names that are relative to the origin domain. Applications cannot access databases using absolute path names.

As specified in the Gears specification, the browser does not allow access to SQLite® commands that can potentially compromise security, such as ATTACH DATABASE, DETACH DATABASE, and PRAGMA commands.

Index


Was this information helpful? Send us your comments.