[Feature]: More detailed permissions management

[AndromedaMelody]

Summary

1. When declare some capabilitis instead of isolatedWin32-promptForAccess, App can access some special folder (such as %UserProfile%/Pictures,Documents…), like UWP.
2. Provide a detail list in Settings App's Private&Security > File system page for every app.
3. Documents need be tidied up and mark whether the capabilities can work in UWP, FullTrust, PartialTrust, CoreApplication(MediumIL), AppSlio or etc.

Pitch

1. UWP can access some special folder by declaring musicLibrary picturesLibrary videosLibrary removableStorage recordedCallsFolder objects3D documentsLibrary … without broadFileSystemAccess. Many applications need't access the whole file system, which only access these special folder.
2. • Only a 'Reset' button for AppSilo in 'Private & Security > File system' page. But AppSilo support remeber approved or denied path. So it is necessary to read or write this list in Settings App. Sandboxie-Plus is a good example.
   • Provide a new capability, whose behavior is like broadFileSystemAccess in UWP. The Prompt will only pop up once, and if the user approve, the application can access all file system without popping up the prompt again. For example, NanaZip is a file manager, users will get bored if pop up promet frequently.
3. I hope more and more permissions can be managed in AppSilo, not only file system. Finally it is similar to UWP.

[tiangao-ms]

If your program is using WinRT APIs to access files, the capabilities should work - they were designed for UWP apps. We currently do not have a plan to support the capabilities on win32 app yet, but we will explore the possibility when more apps have such requirements.

As for the detailed information for files the app has access to, it's on our to do list and it's definitely an improvement for transparency.