[Feature]: More flexible virtualization for MSIX Container (AppSilo & DesktopBridge)

Summary

Add the ability for the app to declare specific folders that the developer want to be virtualized.

Pitch

From Win10 Version1903, MSIX Virtualization only work when the folder is located in %LocalAppData% and %AppData%. However, %ProgramData%, %UserProfile%\AppData\LocalLow, %UserProfile%.$(customFolder) also often are used to store data files. Some source code may be difficult to workaround for AppX/MSIX Package.

Form Win10 Version21H1, MSIX Container adds the ability for the app to declare specific folders and registry keys that the developer want to be unvirtualized. But MSIX doesn't support to declare specific folders that the developer want to be virtualized.

<virtualization:FileSystemWriteVirtualization>
  <virtualization:ExcludedDirectories>
    <virtualization:ExcludedDirectory>$(KnownFolder:LocalAppData)\ … </virtualization:ExcludedDirectory>
    <virtualization:ExcludedDirectory>$(KnownFolder:RoamingAppData)\ … </virtualization:ExcludedDirectory>
  </virtualization:ExcludedDirectories>
</virtualization:FileSystemWriteVirtualization>

Expect:

Basic:

<virtualization:FileSystemWriteVirtualization>
  <virtualization:ExcludedDirectories> …… </virtualization:ExcludedDirectories>
  <virtualization:IncludeDirectories>
    <virtualization:IncludeDirectory>$(KnownFolder:LocalAppDataLow)\ … </virtualization:IncludeDirectory>
    <virtualization:IncludeDirectory>$(KnownFolder:ProgramData)\ … </virtualization:IncludeDirectory>
    <virtualization:IncludeDirectory>$(KnownFolder:UserProfile)\.example\ … </virtualization:IncludeDirectory>
  </virtualization:IncludeDirectories>
</virtualization:FileSystemWriteVirtualization>

Advance:

Scope="User" specifies files and folders are written to a private per-user, per-app location; Scope="Machine" specifies files and folders are written to a private shared-user, per-app location; AddedItems/DeletedItems/ModifiedItems="Redirect" specifies the operation(create, delete or modify) are copied on write to a private per-app location; AddedItems/DeletedItems/ModifiedItems="Keep" specifies the operation(create, delete or modify) are performed directly without virtualization. For example:

<virtualization:FileSystemWriteVirtualization>
  <virtualization:Directories>
    <virtualization:Directory Scope="User" AddedItems="Keep" DeletedItems="Redirect" ModifiedItems="Redirect">$(KnownFolder:LocalAppData)\ … </virtualization:Directory>
    <virtualization:Directory Scope="User" AddedItems="Redirect" DeletedItems="Keep" ModifiedItems="Keep">$(KnownFolder:RoamingAppData)\Example\ … </virtualization:Directory>
    <virtualization:Directory Scope="User" AddedItems="Redirect" DeletedItems="Redirect" ModifiedItems="Redirect">$(KnownFolder:LocalAppDataLow)\ … </virtualization:Directory>
    <virtualization:Directory Scope="Machine" AddedItems="Redirect" DeletedItems="Redirect" ModifiedItems="Redirect">$(KnownFolder:ProgramData)\ … </virtualization:Directory>
    <virtualization:Directory Scope="User" AddedItems="Redirect" DeletedItems="Keep" ModifiedItems="Redirect">$(KnownFolder:UserProfile)\.example\ … </virtualization:Directory>
    <virtualization:Directory Scope="User" AddedItems="Keep" DeletedItems="Redirect" ModifiedItems="Keep">$(KnownFolder:UserProfile)\Documents\Example\… </virtualization:Directory>
    <virtualization:Directory Scope="Machine" AddedItems="Redirect" DeletedItems="Keep" ModifiedItems="Keep">$(KnownFolder:Public)\Documents\Example\… </virtualization:Directory>
  </virtualization:Directories>
</virtualization:FileSystemWriteVirtualization>

microsoft / win32-app-isolation