Skip to content

Latest commit

 

History

History
26 lines (19 loc) · 1.95 KB

storage.md

File metadata and controls

26 lines (19 loc) · 1.95 KB

Summary

We're using a sandbox alike solution along with other Windows Security Features to protect app data, so each app will be limited to access data related to itself.

HDD

There're 3 kinds of priviledges we provide for the following path:

  • Writable: installed apps have write access to several per-app systems paths obtained by passing a ConstantsSDKDataTypesConstants.*_TAG value to Storage.GetLocalPath() or Storage.GetLocalPathAsync() (see example).

    You can also visit directories under your current user name, like C:\\Users\\{user name} (in C#, use Environment.UserName), but we strongly recommend you only write to paths obtained from GetLocalPath().

  • Read-Only: the app's installation directory is read-only to the app; you CANNOT write to the directory where it is installed or run from. To get it:

     // appid = the app id you get/created for your app, from Subor Team, or on the dev portal.
     var installPath = SDK.Storage.GetLocalPathAsync(ConstantsSDKDataTypesConstants.HDD0_DRIVER_TAG + appid, CancellationToken.None).Result;
     // read any content from installPath, but write to it is forbidden
  • Fully denied: access to any other app's install/writable/read-only paths or any system path will cause an Exception.

Registry

During app installation, we create a path in the Windows Registry which is only visible to the current app. It's safe to save data there and it can't be read/written by other apps:

// appid = the app id you get/created for your app, from Subor Team, or on the dev portal.
var exclusiveRegistryPath = @"SOFTWARE\Ruyi\Apps\" + appid;