MSIX: Container escape

MVP

Packaged up Notepad++ using the MSIX Packaging Tool.  

The tool fails to detect that the main program can elevate itself.  I am guessing it isn't manifested and is code based elevation.

 

Using the packaged version running in a container, open up a text file from c:\Windows, make a change and try to save the file.  Notepad++ will detect that you can't write to that location and via popup offer to elevate so that you can.  This elevation creates a new Notepad++ that is elevated and running outside of the container.

0 Replies