microsoft / win32-app-isolation

Tools and documentation for Win32 app isolation
MIT License

[Bug]: `PartialTrustApplication` and `isolatedWin32-* Capabilities` can't be declared in one package #23

Closed AndromedaMelody closed 1 year ago

AndromedaMelody commented 1 year ago

Version

Windows: 10.0.25370.1

Repro Steps

According to the AppxManifest document and microsoft/WindowsAppSDK#219:

  1. Add `EntryPoint="windows.partialTrustApplication"` or `uap10:RuntimeBehavior="packagedClassicApp" uap10:TrustLevel="appContainer"` in `<Application>`; add `uap10:TrustLevel="appContainer" previewsecurity2:RuntimeBehavior="appSilo"` in `<Application>`.
  2. Add `isolatedWin32-*` in `<Capabilities>`.
  3. Register the package and run.

Unexpected Results

The application (PartialTrust) can't start, and the application (AppSilo) starts properly.

Is there any relation between PartialTrust and AppSilo?


lilybarkley-msft commented 1 year ago

I will update the documentation to reflect this, but isolated win32 apps aren't compatible with other application types within the same package.

MouriNaruto commented 1 year ago

@lilybarkley-msft

> but isolated win32 apps aren't compatible with other application types within the same package

In my opinion, some components in a package may not need the extra attack surface provided by the App Silo. So, it's necessary to support both App Silo and Partial Trust in one app package.

I even hope we can run something as a pure App Container (even the Low Privileged App Container which is used in Chromium-based web browsers) or Partial Trust in an app which runs as App Silo, to continually improve security and privacy.

Kenji Mouri

lilybarkley-msft commented 1 year ago

> In my opinion, some components in a package may not need the extra attack surface provided by the App Silo. So, it's necessary to support both App Silo and Partial Trust in one app package.

This is a good point. I'll have a discussion about this with the rest of the team.
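
A manifest lint for the incompatibility described in this thread, as an added example that is not part of the original issue or the project's tooling: it flags a package whose `<Application>` elements mix `appSilo` with other application types, and one that declares `isolatedWin32-*` capabilities next to non-`appSilo` applications. The manifest is constructed and trimmed; the function names and the sample capability name are illustrative assumptions, and attributes are matched by local name so the check does not depend on the namespace URIs.

```python
import xml.etree.ElementTree as ET

# Constructed, trimmed manifest mirroring the repro steps (not a complete AppxManifest).
SAMPLE = """<Package
  xmlns="http://schemas.microsoft.com/appx/manifest/foundation/windows10"
  xmlns:uap10="http://schemas.microsoft.com/appx/manifest/uap/windows10/10"
  xmlns:rescap="http://schemas.microsoft.com/appx/manifest/foundation/windows10/restrictedcapabilities"
  xmlns:previewsecurity2="http://schemas.microsoft.com/appx/manifest/preview/windows10/security/2">
  <Applications>
    <Application Id="Silo" Executable="silo.exe" uap10:TrustLevel="appContainer"
                 previewsecurity2:RuntimeBehavior="appSilo" />
    <Application Id="Partial" Executable="partial.exe"
                 EntryPoint="windows.partialTrustApplication" />
  </Applications>
  <Capabilities>
    <rescap:Capability Name="isolatedWin32-promptForAccess" />
  </Capabilities>
</Package>"""

def local(name):
    """Drop the '{namespace-uri}' prefix ElementTree adds to qualified names."""
    return name.rsplit("}", 1)[-1]

def app_kind(app):
    """Classify an <Application> by the attribute combinations named in the issue."""
    pairs = {(local(k), v) for k, v in app.attrib.items()}
    if ("RuntimeBehavior", "appSilo") in pairs:
        return "appSilo"
    if ("EntryPoint", "windows.partialTrustApplication") in pairs:
        return "partialTrust"
    if {("RuntimeBehavior", "packagedClassicApp"), ("TrustLevel", "appContainer")} <= pairs:
        return "packagedClassicApp/appContainer"
    return "other"

def check_manifest(xml_text):
    """Return (apps, isolated_caps, findings) for one manifest."""
    root = ET.fromstring(xml_text)
    apps = {a.get("Id"): app_kind(a) for a in root.iter() if local(a.tag) == "Application"}
    caps = [c.get("Name") for c in root.iter()
            if local(c.tag) == "Capability" and c.get("Name", "").startswith("isolatedWin32-")]
    non_silo = sorted(i for i, k in apps.items() if k != "appSilo")
    findings = []
    if non_silo and len(non_silo) < len(apps):
        findings.append("appSilo application shares the package with: " + ", ".join(non_silo))
    if caps and non_silo:
        findings.append("isolatedWin32-* capabilities declared alongside non-appSilo applications")
    return apps, caps, findings

if __name__ == "__main__":
    for line in check_manifest(SAMPLE)[2]:
        print("FINDING:", line)
```

Running it against a package's `AppxManifest.xml` before registration surfaces the combination that, per the maintainer's reply, is not supported.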