dotnet / maui

.NET MAUI is the .NET Multi-platform App UI, a framework for building native device applications spanning mobile, tablet, and desktop.
https://dot.net/maui
MIT License

[Enhancement] Avoid MAUI Desktop development requiring the enabling of side-loading in Windows #1784

Closed TheCakeMonster closed 3 years ago

TheCakeMonster commented 3 years ago

Summary

Developing MAUI apps for Windows requires developers to turn on side-loading (now known as Developer Mode) in Windows to even debug their application. This exposes developers to increased security risk, as it becomes possible for any WinUI/UWP application to be installed from any source.

This negates the security benefits that this mode provides for any developer, and exposes the companies they work for to greater risk of a security incident.

Preferred solution

Is it possible to self-sign applications by default during development, so that they can be deployed locally for debugging without enabling side-loading?

Alternative solutions

  1. Use WPF to host MAUI on Windows, as was the case with Xamarin Forms.
  2. Do not require that the application be deployed in order to debug it. This isn't necessary in other UI technologies - WinForms and WPF, for example - so why is it required for WinUI?

Intended Use Case

Developers do not always make the best decisions when it comes to the installation of things from non-trusted sources. Developers come in all ages and levels of experience. Those that are very junior may not appreciate the risk of side-loading applications that they have not developed themselves. Teaching developers to turn off security features by default is far from ideal, putting them and their companies at risk. Bad habits like this learned at an early age become very difficult to break.

It should not be necessary to enable side-loading to develop applications in MAUI.

Enabling side-loading isn't granular. There is no way to enable some scenarios without enabling it all. As a result, WinUI isn't a great option. Using WPF for MAUI may have been a better choice, as was the case with Xamarin Forms.

This is borderline a security issue because of the risk this raises, but I have chosen to raise it as a feature request.

TheCakeMonster commented 3 years ago

It might be helpful for me to create a little context here. I expect my general usage of MAUI to be to build .NET desktop applications using Blazor components, as more of my development time is spent building for the web than for Windows. I don't need the UI features that WinUI is built to provide; instead, what I mostly want is to create the same UI on all of the operating systems that can be available to me.

The needs I have for the host of the MAUI apps are pretty limited. That's why it would have made more sense for WPF to act as the host than WinUI. WinUI seems to bring a number of disadvantages to this usage scenario and very few, if any, advantages.

The additional complexity of special permissions, MSIX installations, large packages and dependencies on the very latest and greatest of Windows features that seems to be a part of WinUI isn't bringing any benefit - quite the opposite.

Redth commented 3 years ago

Today we do not yet support unpackaged apps, only MSIX-packaged ones, which is what introduces the requirement of enabling Developer Mode to sideload these apps.

Supporting Unpackaged apps is on the roadmap and can be tracked here: https://github.com/dotnet/maui/issues/3166

Once we have this support, you should no longer be required to enable developer mode and use sideloading.

Thanks!