Declaring an App Capability in manifest file, we can have our UWP app access certain folders such as Pictures, Videos, Music etc.
Moreover, the broadFileSystemAccess capability allows apps to get the same access to the file system as the user who is currently running the app without any additional file-picker style prompts during runtime.
But how about even if the user has access to his/her entire system but wants a UWP app to access only a specific folder needed for the app to have read access. Can we implement such a functionality in a UWP app without using file-picker?
Why do I need that?: Our app reads files from a folder that is too big to be included inside the app and has tons of files of various types inside it. Only read-access is needed.
But how about even if the user has access to his/her entire system but wants a UWP app to access only a specific folder needed for the app to have read access.
You could not create a folder that only has read access capability for the current user. The folder's attributes are controlled at the system level. You could only create the folder and set its attribute as read-only for other users. And that could not be achieved (System.IO.File.SetAttributes) on the UWP platform.
Yes, the folder is provided for download. But I'm not sure if a UWP app can have an entire folder (especially a large data folder) downloaded inside it and have its code read it.
For the requirement, you could store the download in your app's LocalFolder; there is no general size restriction on local data stored. And it could only be accessed by the current app.
var localFolder = Windows.Storage.ApplicationData.Current.LocalFolder;
Certainly, you could also store the large data in the Downloads folder. For more info, please refer to this document.
I'll try to provide you the logic of why your request is conflicting and thus not implemented at the system level.
Sandboxing means that the app has access only to its own folders. From the system aspect, the only exception to that rule could be that some folders are not considered security critical (like Pictures, Music, Downloads) and you may declare access to those folders. The second exception is if the user gives you access to the folder. In both of those cases sandboxing is not broken because the expansion of the sandbox is not arbitrary. As soon as you arbitrarily want to expand the sandbox, there is no difference in safety between having access to the whole system and a few folders that you randomly pick. I am not sure how you see the difference in that: in both cases you arbitrarily pick to access some folders. If you have access to the whole disk you do that from the code, while if there was some capability to do that through some declaration then you would do it through declaration. But the effects are the same: your app has arbitrary access to the unsafe portions of the disk that depends only on your preferences.
Is there a way to get a list of folders that my Application has permission to access, and how would I add a new folder to the list? For Example, Documents Folder, Picture Folder, etc.. etc.. And how to make this list of Folders persistent between application starts?
You can use KnownFolders static class to get common folders such as Documents, Pictures, etc. However, to be able to freely access them, you need to specify appropriate capabilities in your manifest (like 'Pictures Library', for example).
For any other arbitrary folder, you will need to explicitly ask user to pick it using FolderPicker. You can then save this folder for future access using FutureAccessList or MostRecentlyUsedList.
There is a good sample covering all those options in UWP samples repo.
I am creating a Windows Explorer kind of app using the Metro UI. I want to show the content of a certain folder in my User folder.
I wanted to know if it is possible to access the folders and files inside users folder and how do I do it?
Edit :
I tried using StorageFolder. For documents folder, it gives me an exception.
The KnownFolders.DocumentsLibrary folder has restrictions on its use. You have to manually declare the capability in your manifest, declare specific file types you want to access, and then to publish the app in the Store you have to be using a company account (not an individual account), and have to submit written justification for your programmatic use of the folder.
See http://msdn.microsoft.com/en-us/library/windows/apps/hh464936.aspx as well as the note for section 6.6 of http://msdn.microsoft.com/en-us/library/windows/apps/hh921583.aspx.
Note that this is for programmatic access without user consent. If you use the file picker, the user can of course point to the documents folder thereby giving you permission to use it. But without that, you need to use your app data folders where you do have programmatic access.
The underlying reasoning here is that files that your app is generating for its own use, that don't have direct meaning to the user, should go in app data to avoid polluting a folder like Documents with stuff that the user doesn't know what to do with. For "user data" files, which the user does understand, you should give them the option to choose where those files go, hence the use of the file picker.
A few file types like music, pictures, and video have direct library access via manifest capabilities, but in that case the user generally understands that they're working with that kind of data.
You can access the contents of users folder like this:
string path = Directory.GetParent(Environment.GetFolderPath(Environment.SpecialFolder.UserProfile)).ToString();
Use SpecialFolder to get the user folder and Directory.Enumerate() for getting files in the folder.
Okay, so I am creating a c# winforms application.
I want to write/read from binary data file. But, I want to put that file in a folder somewhere and I do not want anyone to be able to delete or edit the file. I only want the program that uses the file to be able to access it.
Is this possible? I looked into MSDN's structure on file security and as I researched it I saw people complain that if you limit the file to a user then that person can just override the privileges and make it editable.
Also, I thought about how this would actually work, considering that in essence I would like only a process to edit the file, and that process could have varying process IDs if it is opened and closed over time. Seems tough.
Any thoughts?
Even though this will not satisfy all your requirements you can try IsolatedStorage (System.IO.IsolatedStorage Namespace).
How to write and read file in IsolatedStorage
The System.IO.IsolatedStorage namespace contains types that allow the
creation and use of isolated stores. With these stores, you can read
and write data that less trusted code cannot access and prevent the
exposure of sensitive information that can be saved elsewhere on the
file system. Data is stored in compartments that are isolated by the
current user and by the assembly in which the code exists.
Additionally, data can be isolated by domain. Roaming profiles can be
used in conjunction with isolated storage so isolated stores will
travel with the user's profile. The IsolatedStorageScope enumeration
indicates different types of isolation. For more information about
when to use isolated storage
You can prevent file access while your program is running if you open it exclusively.
However, when the program is not running, the file is no longer protected. So someone would just need to kill the program in order to access the file.
In order to protect the file while your program is not running, you'd need to set up a user account and assign it a password which is only known to the program. Then set the permissions of the file so that only your user can access the file.
However, any administrator can take over the ownership of the file, so even permission protection is useless.
Finally, someone can even take the hard disk out of the PC and read the raw data.
You might also think about whether you want to protect the file or the file content. If the file content is sensitive, think about encryption.
It really depends on your needs, which option to choose.
If you have control over the target filesystem prior to install then setup some file permissions and go from there. The user accessing the folder will need read permissions at minimum.
Run the app under a security group and assign permissions to the folder and files with that security group. Revoke access for others and make it read-only.
Windows 10 version 1709 introduced Controlled Folder Access. This allows you to whitelist applications that can modify certain folders. You cannot restrict Read access.
Well, I have the same issue. I did some research on this subject and found that you can secure your information in an accesspoint database or any other Microsoft database with a password, and only the one specific app that has the password will have permission to read/write this information.
Pretty much I must find a way to populate image boxes with the corresponding information to the images, if it's possible in a Windows 8/Metro/Store App. I have a database with all the physical paths of the images which are stored on the local computer, e.g. "c:\BookImages\spud.jpg". Now when I pull the information from the database with information about the book, I also take the file path of the image ("c:\BookImages\spud.jpg"). All I need to do now is fetch the image and display it in an image box. But I do not know how to do this. I have been researching for a while now, and I'm coming to the understanding that I cannot select files from anywhere other than the actual install directory of the Windows app, unless I use a FileOpenPicker, which will be useless for the user to select the folder which contains the images every time they run the app. If anyone has a solution to my problem please let me know; it will be much appreciated.
See, if all the directories were given access for a WinRT app then it would be a security risk.
So some specific folders are available; try storing user data in there. After that, only the File Picker can help.
Here's the link:
Folders for winrt
It's a Microsoft policy, so please design the app accordingly. You might need to set capabilities in the app manifest file for some folders. Please go through it :)
The short answer is to have the user pick the folder once and save the StorageFolder in the Windows.Storage.AccessCache.
The long answer is that all this boils down to having your data store in a place that is programmatically accessible.
One option, as Anobik pointed out, is to use either your appdata folders (where you have open access), or something like the Pictures Library, which you can access given a capability in the manifest. This way you don't need to ask the user.
If you use the file picker to let the user select a folder for the data store, he or she has granted permission to access that folder programmatically, including its contained files.
The important thing is that you have to preserve that permission across sessions, which is the purpose of the AccessCache.
Think of a StorageFolder object (and a StorageFile) as an abstraction for a pathname--you never really want to save pathname strings unless you have inherent programmatic access to that location. This isn't true for stuff from the file picker, so you have to use the AccessCache to essentially save the folder reference and its permissions.
Kraig Brockschmidt
Author, Programming Windows 8 Apps with HTML, CSS, and JavaScript, a free ebook from Microsoft Press (also see second edition preview)
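The pick-once-then-cache flow that this answer and the earlier FutureAccessList answer describe, as an added example that is not code from either post. `DataFolderAccess` and the `DataFolderToken` settings key are hypothetical names; the sketch assumes a UWP app and must be called from the UI thread, because it may show the picker.

```csharp
using System;
using System.Threading.Tasks;
using Windows.Storage;
using Windows.Storage.AccessCache;
using Windows.Storage.Pickers;

// Added example: DataFolderAccess and the "DataFolderToken" key are hypothetical names.
public static class DataFolderAccess
{
    private const string TokenKey = "DataFolderToken";

    // Returns the data folder, showing the picker only when no usable grant is cached.
    public static async Task<StorageFolder> GetDataFolderAsync()
    {
        var settings = ApplicationData.Current.LocalSettings;
        var cache = StorageApplicationPermissions.FutureAccessList;

        if (settings.Values[TokenKey] is string token && cache.ContainsItem(token))
        {
            try
            {
                return await cache.GetFolderAsync(token);
            }
            catch (Exception)
            {
                // Folder was moved, deleted or is unreachable: drop the stale grant and re-prompt.
                cache.Remove(token);
                settings.Values.Remove(TokenKey);
            }
        }

        var picker = new FolderPicker { SuggestedStartLocation = PickerLocationId.ComputerFolder };
        picker.FileTypeFilter.Add("*"); // FolderPicker requires at least one filter entry

        StorageFolder folder = await picker.PickSingleFolderAsync();
        if (folder == null)
        {
            return null; // user cancelled, so the app has no access to any folder
        }

        // Add returns an opaque token; persist the token, never the path string.
        settings.Values[TokenKey] = cache.Add(folder);
        return folder;
    }
}
```

The grant covers only the folder the user picked and its contents, so the sandbox widens by exactly one user-approved location.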
I have a windows Application that stores certain files in a directory. I would like to know if there is a way in .net that I can restrict users not to have access to that directly (by just going to that directory in windows, and grab files) so only my application can add/verify/delete a file in that directory.
Could you use the Isolated Storage in .NET? While it isn't necessarily restricted away from your users, it may be a lot harder to find (it is stored under local settings\application data\isolated storage for the logged-in user).
Via code you work with it by using/importing System.IO.IsolatedStorage, and then you can create directories, files, etc. as normal.
You also don't have to keep track of the actual directory on the HD it's in as .Net manages this. Maybe a nice plus.
This is only possible if your application runs with different credentials than the user running the application.
By default all applications run with the credentials of the user who launched the process. This means the application has the same directory and file restrictions as the user. Without a different account, the application can only decrease its ability to access the file system, not increase it.
Dealing with the file system is evil in general. Even if you could get the user to not play in that directory you still can't trust the results will be in the exact same state as you left them. It's possible for other users, physical disk corruption or any number of other things to corrupt your files.
The only way to sanely program the file system is to expect failure from the start and count yourself lucky when it actually works.
The application needs to run as a specific user - and that user will always have the same rights as your application. You can, potentially, make a service that runs as an administrator to prevent standard users from accessing a directory, but the administrator will still be able to change things in the directory.
I suggest you look for another approach for your problem. There are potentially alternatives - perhaps you should consider keeping some type of encrypted hash on the directory contents. That would at least allow you to verify that the contents have not been changed, although it won't prevent the change from occurring.
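One way to realise the "hash on the directory contents" idea from the answer above, using a keyed hash (HMAC-SHA256) in place of an encrypted hash; this is an added example, not code from the original answers. `DirectoryIntegrity` is a hypothetical helper, and the sketch assumes .NET Core 2.1 or later and that the key and the recorded tag are kept where the user cannot read or replace them.

```csharp
using System;
using System.IO;
using System.Linq;
using System.Security.Cryptography;
using System.Text;

// Added example; DirectoryIntegrity is a hypothetical helper. Requires .NET Core 2.1 or later.
public static class DirectoryIntegrity
{
    // One HMAC-SHA256 tag over every file's relative path, length and bytes, in sorted order.
    public static byte[] ComputeTag(string root, byte[] key)
    {
        var files = Directory.EnumerateFiles(root, "*", SearchOption.AllDirectories)
            .Select(f => Path.GetRelativePath(root, f).Replace('\\', '/'))
            .OrderBy(p => p, StringComparer.Ordinal);

        using (var hmac = new HMACSHA256(key))
        {
            var buffer = new byte[81920];
            foreach (string rel in files)
            {
                // Length-prefix the name and the size so file boundaries cannot be shifted:
                // renames, splits and merges all change the tag.
                byte[] name = Encoding.UTF8.GetBytes(rel);
                Feed(hmac, BitConverter.GetBytes(name.Length));
                Feed(hmac, name);
                using (var stream = File.OpenRead(Path.Combine(root, rel)))
                {
                    Feed(hmac, BitConverter.GetBytes(stream.Length));
                    int read;
                    while ((read = stream.Read(buffer, 0, buffer.Length)) > 0)
                        hmac.TransformBlock(buffer, 0, read, null, 0);
                }
            }
            hmac.TransformFinalBlock(Array.Empty<byte>(), 0, 0);
            return hmac.Hash;
        }
    }

    // True when the directory still matches the tag recorded after the last legitimate write.
    public static bool Verify(string root, byte[] key, byte[] expectedTag) =>
        CryptographicOperations.FixedTimeEquals(ComputeTag(root, key), expectedTag);

    private static void Feed(HashAlgorithm h, byte[] data) =>
        h.TransformBlock(data, 0, data.Length, null, 0);
}
```

As the answer says, this detects a change after the fact and does not prevent it; a user who can read the key can recompute a valid tag.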
As others have mentioned, you need the application to act as a different user than the ones currently logged in. You should look into 'impersonation', here are some links that can get you started on getting your application to act as a different user when performing certain tasks:
http://csharptuning.blogspot.com/2007/06/impersonation-in-c.html
http://www.codeproject.com/KB/cs/cpimpersonation1.aspx
The easiest (although not secure in any way) method would be to use a hidden folder, which the users know nothing about, so \\servername\hiddenfiles$
A more secure alternative would be to change the credentials the program is using to access the folder. Is it necessary for them to access it as themselves?
An alternative would be to create a dummy account for each user, where they do not know the password. Make it relate to their windows login, so domain\myname becomes domain\mynamehidden. Then use this to connect to the directory.
This will ensure everything can be audited nicely too.
Look at FileSystemWatcher: it doesn't prevent changes in the directory, but it allows the program to be notified about changes in the directory.