Windows Store Projects

One of the ways a Windows RT application are by definition slightly more limited than those of a traditional .NET application are based on limitations imposed by the Windows Store. When you create a Visual Basic application that targets the Windows Store you will have a requirement for an additional set of permission requests.

Figure 18.1 shows a newly created sample Windows Store application. This Visual Basic application includes a Package.appxmanifest file. After you open this file for editing, it is possible to modify many of the characteristics associated with your application—from UI elements associated with your application, and Packaging considerations, to a description of key capabilities aka system features—that your application will access.

Figure 18.1 Defining Windows Store app access permissions

The Capabilities tab is selected in Figure 18.1 because it could also be labeled “Permissions.” This tab is where you must define what access to the file system and related system features your application will use. Unlike the other security elements that this chapter will discuss, this section defaults to no access with the exception of network access.

More important, because your application will deploy through the Windows Store and as such be tested for compatibility with the selections you make on this page—these become the first level of security within your application. Keep in mind that the Windows Store is going to publish exactly how much permission your application is requesting, so just defaulting to asking for everything isn't going to be well received.

The reality is that when you are developing a Windows Store application you are going to be working with an additional security layer not present for traditional .NET applications. This display is a good reflection of how as Windows moves to a more controlled runtime environment, you will need to be more explicit in providing the metadata that describes what capabilities your application provides and consumes. Of course these new limitations are in addition to the security controls that already exist for .NET applications.