Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Bug]: PartialTrustApplication and isolatedWin32-* Capabilities can't be declared in one package #23

Closed
AndromedaMelody opened this issue May 25, 2023 · 3 comments · Fixed by #24
Closed

[Bug]: PartialTrustApplication and isolatedWin32-* Capabilities can't be declared in one package #23

AndromedaMelody opened this issue May 25, 2023 · 3 comments · Fixed by #24
Assignees
@lilybarkley-msft
Labels
Category:packaging Packaging related documentation Improvements or additions to documentation

Comments

@AndromedaMelody
Copy link

AndromedaMelody commented May 25, 2023
edited
Loading

Version

Windows: 10.0.25370.1

Repro Steps

According to AppxManifest Document and microsoft/WindowsAppSDK#219 :

  1. Add EntryPoint="windows.partialTrustApplication" or uap10:RuntimeBehavior="packagedClassicApp" uap10:TrustLevel="appContainer" in <Application>;
    Add uap10:TrustLevel="appContainer" previewsecurity2:RuntimeBehavior="appSilo" in <Application>.
  2. Add isolatedWin32-* in <Capabilities>.
  3. Register the package and run.

Unexpected Results

The application(PartialTrust) can't start, and the application(AppSilo) start properly.

Are there any relation between PartialTrust and AppSilo?

Screenshot 2023-05-26 004704
@AndromedaMelody AndromedaMelody added the bug Something isn't working label May 25, 2023
@AndromedaMelody AndromedaMelody changed the title [Bug]: PartialTrustApplication and isolatedWin32- Capabilities can't declare in one package [Bug]: PartialTrustApplication and isolatedWin32-* Capabilities can't declare in one package May 25, 2023
@AndromedaMelody AndromedaMelody changed the title [Bug]: PartialTrustApplication and isolatedWin32-* Capabilities can't declare in one package [Bug]: PartialTrustApplication and isolatedWin32-* Capabilities can't be declared in one package May 25, 2023
@lilybarkley-msft lilybarkley-msft added the documentation Improvements or additions to documentation label May 25, 2023
@lilybarkley-msft
Copy link
Contributor

I will update the documentation to reflect this, but isolated win32 apps aren't compatible with other application types within the same package

@tiangao-ms tiangao-ms added Category:packaging Packaging related and removed bug Something isn't working labels May 26, 2023
@tiangao-ms tiangao-ms linked a pull request May 26, 2023 that will close this issue
Updating packaging docs for runFullTrust capability and multiple applications #24
Merged
@MouriNaruto
Copy link

@lilybarkley-msft

but isolated win32 apps aren't compatible with other application types within the same package

In my opinion, some components in a package may not need the extra attacking surface provided by the App Silo. So, it's necessary for support both App Silo and Partial Trust in one app package.

Even I hope we can run something as the pure App Container (even the Low Privileged App Container which used in Chromium-based web browsers) or Partial Trust in an app which run as App Silo for continually improving the security and privacy.

Kenji Mouri

@lilybarkley-msft
Copy link
Contributor

In my opinion, some components in a package may not need the extra attacking surface provided by the App Silo. So, it's necessary for support both App Silo and Partial Trust in one app package.

This is a good point, I'll have a discussion about this with the rest of the team

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@lilybarkley-msft lilybarkley-msft

Labels
Category:packaging Packaging related documentation Improvements or additions to documentation
Projects
None yet
Milestone
No milestone
4 participants
@MouriNaruto @AndromedaMelody @tiangao-ms @lilybarkley-msft