问题
I have a UWP app that requires the restricted capability "broadFileAccess" to access data from a file. I also have to use "runFullTrust" capability for registry access. My understanding was that an app in "runFullTrust" mode had both file and registry access permissions and that "runFullTrust" is a higher level capability.
Problem: I tried giving "runFullTrust" capability,but for some reason the file access permissions are denied and also I dont even have an option to enable it under Settings for the app. I also tried giving both the permissions,also then I got the File access denied error.
Question: Can I give "runFullTrust" capability to the app ,and will it automatically inherit "broadFileAccess: capability? Or is it something I am doing wrong?
回答1:
Derive from official document,
The runFullTrust restricted capability allows apps to run at the full trust permission level on the user’s machine. This capability is required to use the
FullTrustProcessLauncherAPI.This capability is also required for any desktop application that is delivered as an appx or msix package (as with the Desktop Bridge), and it will automatically appear in your manifest when packaging these apps using the Desktop App Converter (DAC) or Visual Studio.
The broadFileSystemAccess capability allows apps to get the same access to the file system as the user who is currently running the app without any additional file-picker style prompts during runtime. This capability works for the Windows.Storage APIs. Because users can grant or deny the permission any time in Settings, So if you have add this capability you also need to check the option in the setting page.
Access is configurable in Settings > Privacy > File system.
来源:https://stackoverflow.com/questions/55712539/is-runfulltrust-mode-in-uwp-app-capable-of-broadfileaccess-by-default