How do I make my UWP app run with Full Trust?

Allanjb 246 Reputation points
2021-07-21T02:15:31.73+00:00

Looking at the Microsoft documentation for the "runFullTrust" restricted capability, which allows apps to run at the full trust permission level on the user's machine: It looks as though I should be able to run my app with this capability without launching another process through a desktop bridge.
I have a C# DLL that calls Win32 methods via DLLImport.
I need to access arbitrary folders on my D-Drive that contain .lnk files.
I will not be publishing to the Store but using the app internally.
To run my app through a desktop bridge seems overly complicated for what I am trying to do.
If I could access ".lnk" files through the Windows.Storage namespace, it would not be a problem.

Developer technologies | Universal Windows Platform (UWP)
0 comments No comments
{count} votes

Accepted answer
  1. AryaDing-MSFT 2,916 Reputation points
    2021-07-21T06:40:50.017+00:00

    Hi,

    Welcome to Microsoft Q&A!

    You might misunderstand the usage of “runFulLTrust”, you can’t use it to get permission to access any files as you expected. From the official document, we could realize that there are two scenarios required to use this capability, one is to use FullTrustProcessLauncher API, the another is for any desktop application that is delivered as an appx or msix package (as with the Desktop Bridge).

    If you just want to access arbitrary folders on your D-Drive that contain files, you don’t need to make your app with "runFullTrust" capability. I suggest you could use picker to do this, more info could be found here.

    For example:

    var picker = new FileOpenPicker();  
    picker.ViewMode = PickerViewMode.Thumbnail;  
    picker.SuggestedStartLocation = PickerLocationId.PicturesLibrary;  
    picker.FileTypeFilter.Add("*");  
    StorageFile file = await picker.PickSingleFileAsync(); //select a file  
    if (file != null)  
    {  
        // operate the selected file  
    }  
    else  
    {  
          
    }  
    

    If you don't want to have user interaction like the above, you could use StorageFile.GetFileFromPathAsync(String) method to access the file with the specified path. In this way, you need to declare broadFileSystemAccess capability in Package.appxmanifest like the following. Besides, you need to grant the permission in Settings app for this uwp app, access is configurable in Settings > Privacy > File system.

    <Package  
      ...  
      xmlns:rescap="http://schemas.microsoft.com/appx/manifest/foundation/windows10/restrictedcapabilities"  
      IgnorableNamespaces="uap mp rescap">  
    ...  
    <Capabilities>  
        <rescap:Capability Name="broadFileSystemAccess" />  
    </Capabilities>  
    

    Update:

    The official document mentions that StorageFile objects can't represent files that are ".lnk", ".url", or ".wsh" file types. Therefore, it isn’t fessible to access ink file in a dependent uwp app.

    We could do this issue through Desktop bridge and use File.Open() method to get the filestream in desktop application, then you could use AppService to communction between with two apps and pass this filestream to the uwp app.


    If the response is helpful, please click "Accept Answer" and upvote it.

    Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.


1 additional answer

Sort by: Most helpful
  1. Allanjb 246 Reputation points
    2021-07-22T13:02:31.29+00:00

    Thanks for the update, for now I will stick with WPF for this kind of App.

    0 comments No comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.