Regarding Windows 10 file system access and privacy

Contributor

Dear community

English is not my first language, and my Windows is in danish, so please excuse spelling mistakes etc.

"Allow that apps gain acces to file system" = ON
"Choose which apps that shall have access to your file system" = List is empty / there is no apps

I have read the support site and other articles regarding the topic

The list with the apps that shall have access to my system is empty.
1)
Does that mean, that there is no apps that have access to my file system?

2)
What is the meaning of "file system"?
Is the Windows Pictures folder and Windows Documents folder?
Is it the WHOLE drive?

3)
Where can I see, which apps previously have been granted access to my file system?

4)
Is it possible to see, if deleted apps were granted access to file system?

Thank you in advance for replying!

Best regards

20 Replies

Hi,

here is the official support article about this:

https://support.microsoft.com/en-us/windows/-windows-10-file-system-access-and-privacy-a7d90b20-b252...

 

Q: Does that mean, that there is no apps that have access to my file system?

 

A: yes, no UWP app, but Win32 apps can have access to file system.

Exceptions to the file system access privacy settings

Not all apps will appear under Choose which apps can access your file system. Certain Windows programs, such as those that are downloaded from the internet or installed with some type of media (such as a CD, DVD, or USB storage device) won’t appear in that list and are not affected by the Allow apps access your file system setting. To allow or deny file system access for one of these programs, check the settings in the program itself.

 

 

Q:Is the Windows Pictures folder and Windows Documents folder?
Is it the WHOLE drive?

A: according to the description of file system in Windows settings:

 

dsda.png

 

it's not whole drive, it includes Documents, Pictures, Videos and local OneDrive files.

 

if you want to control the whole drive (and against Win32 apps), you can use controlled folder access feature in Windows Security (aka Windows Defender)

 

 

Q: Where can I see, which apps previously have been granted access to my file system?

A: in Windows Settings => Privacy => File system

 

Q: Is it possible to see, if deleted apps were granted access to file system?

A: probaby using Event Viewer in Windows

@HotCakeX 
Thank you for your reply!


I have never installed any software using CD, USB or another drive, so that excludes that.

A: according to the description of file system in Windows settings:
It states: Documents, Pictures, Videos and OneDrive files
1)

Does it refer to the standard / generic Windows folders?
2)

The same folders as in the menus for Privacy - Documents and Picutes and Videos?
3)

So the File system access function, only covers the Documents, Pictures, Videos and OneDrive folders?

My uncertainty sprung from other articles / forums using other phrases like:
"apps can access your full file system"
"permission to have broad file system access"

Q: Where can I see, which apps previously have been granted access to my file system?

A: in Windows Settings => Privacy => File system

4)

Apps that have requested permission (both declined and granted), do they appear in the list Choose which apps can access your file system?

Thanks in advance

CD,DVD,USB or Internet, they basically mean Win32 software but they use that language for non-tech-savvy people.

1 and 2. not sure what you mean by generic exactly but if you have Windows 10, you have documents, videos, music etc. and they are located in your User directory.
C:\Users\UserName

3. yes. only those folders and only applied to UWP apps.

4. yes. I only have 1 app in there, "Search", the rest of the apps I use didn't need access to file system, aka user folders in here: C:\Users\UserName

@emil frederiksen 

The filesystem access permission you refer to is broad access to the filesystem. It includes every folder the user has access to. This permission should never be needed or used by any normal app, so it is good that this list is empty.

 

Every UWP has certain default permissions for file system access which do not need to be granted seperately:

  • The applications install directory
  • The applications data location
  • Removable drives if it uses the AutoPlay extension
  • Files and Folders in the users "Downloads"-Directory, but only those which the App created itself

 

Fo an app to gain access to additional locations it has different options. For example it can gain access to well-known user folders (Pictures, Music, Videos, Documents...) with special permissions it has to be granted first. Each of the well known folders has it's own access mechanics for UWP apps and none are granted by default.

The second option (and most used normally if an app needs access to additional files on your system) is using the filepicker-dialog. This dialog is not part of the app and is presented by Windows to the user. The user then selects the file (or folder) that he wants to open in the app. The app now only gets a handle to the file or folder selected by the user, it does not gain access to the actual location.

The last option is the permission you asked for. This would grant an app broad filesystem access, meaning it can access everything the user can access, and without asking first! No normal app should ever need this permission and you should be very careful if you want to give this permission to any app at all.

If the list is empty, no currently installed App on your system uses this permission (as it should be).

 

As already mentioned by HotCakeX: All this only applies to UWP Apps (apps from the Microsoft Store) and not to old-school win32-applications. If you install anything on your system not from the Microsoft Store, you can't easily know what it can access. It can be nothing or all and everything in between.

 

@dretzer 

"This would grant an app broad filesystem access, meaning it can access everything the user can access, and without asking first!"

 

what's the Source for that?

 

the description this

 

fdsfsd.png

 

 

broad file system access, everything a user can access, I as the user, can access every single file on my computer, on any drive, hidden or not. I don't think that privacy option, once turned on, gives the same capability to UWP apps. but if it does, I like to read the source for that.

 

@HotCakeX 

The official documentation for file access permissions for UWP apps:

File access permissions - UWP applications | Microsoft Docs

 

Also experience from developing UWP apps helps. ;)

Never trust the simplified descriptions from end-user GUIs.

 

The full file system access permissions should never be used for any UWP app, the only reason it exists at all is that some special applications that wanted to port to UWP couldn't, because there was no way to get the same filesystem access as a normal win32-app. So microsoft added this permission in later Windows 10 builds, to lower another barrier for porting older apps to UWP.

Every normal app should never need this though. It is completely enough to just use the filepicker dialog or ask for permission to access pictures or music. In rare cases eventually even documents, but most of the time, none of this is needed for UWP.

I wrote a media-file-converter in UWP and as such the user needs to be able to open any video or audio file on his computer inside my app. Still I didn't need any file system access at all because I just used a filepicker dialog which the user can use to select the file he wants to convert. My app does not need any access to the file itself. The filepicker dialog (which is handled by Windows itself) hands me over the file and I don't even need to know where it came from.

UWP security is very top-notch and any app that asks for this "file system level permission" is very suspicious! I can't imagine a single valid scenario for any app to need this permission at the moment. I'm sure there are special cases, but none that I can think of.

The description is not wrong, so it is trustworthy, just doesn't include the additional info in here
https://docs.microsoft.com/en-us/windows/uwp/files/file-access-permissions
which makes sense since there is not enough space.

now according to the document,
By default, UWP apps can only access files and folders in the user's Downloads folder that they created. However, you can gain access to files and folders in the user's Downloads folder by calling a file picker (FileOpenPicker or FolderPicker) so that users can navigate and pick files or folders for UWP app to access.

(by default means no System file access granted yet)

in addition to that, WITH system file access permission, UWP app can access:

All files that the user has access to. For example: documents, pictures, photos, downloads, desktop, OneDrive, etc. (etc. is vague here, it could mean files/folder on other partitions, that makes system file access permission to give UWP apps access to every single file on user's computer, or it can mean other files in user directory, like contacts, app data and more which are located here: C:\Users\UserName)

Removable devices
Homegroup libraries
Media server devices (DLNA)
Universal Naming Convention (UNC) folders


@HotCakeX 

I meant the Documents, Videos etc. folders in C:\Users\UserName, yes.

 

I assume those are the same they refer to in The same folders as in the menus for Privacy - Documents and Picutes and Videos?

@dretzer 

Thank you so much for your enlightening replies

I have some questions regarding your inputs:

"For example it can gain access to well-known user folders (Pictures, Music, Videos, Documents...) with special permissions"

1)

The permissions in Privacy - Documents and Picutes and Videos?

2)
What is a filepicker dialog?
That you just open the file through the UWP?
(As Hotcake pointed out before, im not tech savvy)

 

"If you install anything on your system not from the Microsoft Store, you can't easily know what it can access"

3)

Where can I see, which software I have given access through time? And to what locations / directories?

You point out several times, that no apps should need or be given File system access.

4)
Does the list include apps that has been granted access earlier in time?
And also if the apps was deleted from the PC?

Thanks in advance for your further replies

@HotCakeX 

"Downloads folder by calling a file picker (FileOpenPicker or FolderPicker) so that users can navigate and pick files or folders for UWP app to access."
Stll only navigate and pick files or folders in the Download folder?

"etc. is vague here,"
Agree, but accordingly to Dretzer and his explanation, its all files then

@emil frederiksen 


@emil frederiksen wrote:

@HotCakeX 

I meant the Documents, Videos etc. folders in C:\Users\UserName, yes.

 

I assume those are the same they refer to in The same folders as in the menus for Privacy - Documents and Picutes and Videos?


Yes, that's correct

@emil frederiksen 


@emil frederiksen wrote:

@HotCakeX 

"Downloads folder by calling a file picker (FileOpenPicker or FolderPicker) so that users can navigate and pick files or folders for UWP app to access."
Stll only navigate and pick files or folders in the Download folder?

"etc. is vague here,"
Agree, but accordingly to Dretzer and his explanation, its all files then


Yup, if you don't give it file access permission, then you browse for files one by one if the app has implemented file picker.

 

Mmm maybe, I wish the document was more clear on that. there is actually an option to send feedback so I'll just do that.

@emil frederiksen 

1) Yes

 

2) The "filepicker-dialog" is a special dialog to present to a user to select a file or folder. The difference in UWP apps is that this dialog gets only called by the app, but not implemented by it. The dialog itself, that you get as a user, actually comes from the operating system itself. So it allows access inside the dialog to every location which you yourself have access to. The operating system ensures this way that a user can select any file or folder, even ones the app does not have access to, and hand it over to the app.

If you select a file in such a dialog, you actually didn't talk to the app, instead you told Windows that you want this file to be opened in the app. Windows itself then gets a handle to this file and just passes this to the app, without giving the app itself any access to the location of the file. The app now can access the files metadata and use read/write permissions on the contents of the file, but nothing more. This is the most secure way to give an app access to any file on the system without the app needing any permission for it. But it means of course that you, as a user, have to select the file manually each time. The app can't access anything by itself without you handing it over each time.

 

3) For UWP apps: exactly where you already looked. In the privacy section of your Windows 10 settings. If an app is not there, it has no access (except to it's own program and data folder of course).

For win32-apps, you have to assume it has access to everything. Or you would have to learn about access control lists, ntfs permissions, object permissions, mandatory access control and more. You would need a lot of additional knowledge to exactly tell what a normal win32 app can and can't access. The general rule for win32-apps is that they can access at least everything you can. So if you can read it, so can the win32 program, if you can write or delete it, so can the program, and so on.

win32 apps are not sandboxed so they have all the same permissions as the user who launches the program. The problem is that they can even have more permissions than yourself, if implemented in certein ways. Remember that win32-apps normally come with an installer program that needs administrative permissions to execute. So for the time of the installation, the program has every permission possible on your system. you can hardly know what it really did in that time. If you don't trust a program, don't install it, easy as that.

This is one of the many upsides of UWP. Here you have clear visibility what it can and can't do and it doesn't get any extra permissions for installation. Afterwards it always runs in a special sandboxed mode so Windows can ensure your data privacy and security.

 

4) If you remove an UWP-app the app is removed completely, including all permissions you gave it. So the list shows you the current state of the system, not the history. If you give an app file-system-access it will show in the corresponding list, if you uninstall the app afterwards, it disappears from the list. removing an UWP app ist a complete removal as if the app was never there in the first place. The only things that may be left behind are user-specific data files in some cases but even those are removed in most cases.

Good idea sending them feedback

Thank you so much, for helping me out with my many questions regarding the topic

@dretzer 

Thank you for your long reply

It was really explanatory and understandable

 

3)
Here I was thinking not only about UWP, but about overall software. PC games installed through the Steam client, anti-malware software etc. I have given alot of software access to my drive through time. Was wondering, where I could locate / see that list?

More questions:
In File system and Allow apps to access your file system

The function is ON, and it was ON by default.

Does that mean, that apps get granted access automatically, or do they still have to ask for permission?
OFF, does that auto-block permissions?

@emil frederiksen 

The main switch for the setting enables the functionality. So setting this to OFF disables it entirely.

Having this setting ON just means that Windows will support the functionality, but apps still need to ask for this permission on a per-app basis. If you turn it OFF an app can't even ask for it as the basic functionality to even get file-system-access is disabled.

 

Regarding your games on Steam: as they are not using UWP it's the steam-clients responsibility to make sure your system is safe. Sadly history showed that Valve is very bad at this. There are sad storys with how they treated security researches in the past regarding bugs in the steam-client.

If security is your concern, I recommend looking for your games on the microsoft store before you buy them on steam. Only get games on steam if the game is not available on the Microsoft Store.

Also make sure your Windows account does not have administrative permissions but instead use a standard user account to use steam and steam games. Remember that non-UWP software always has the same permissions as you (and UAC for admin-accounts is not a security boundary).

If it is only UWP software, that can ask for file system access, and that that UWP is also accessible through the Microsoft store - is it then safe to assume, that UWP's are safe? (That they don't steal / upload my personal files)

The Steam games I have installed, is also accessible in the Microsoft Store, so I assume they are safe then.
I only have one user on my system, and it is the admin. I am cautious about what software I download, I always update my system and often scan for malware etc.

@emil frederiksen 

Could anyone please help me with the last question?

Thanks in advance

 

If it is only UWP software, that can ask for file system access, and that that UWP is also accessible through the Microsoft store - is it then safe to assume, that UWP's are safe? (That they don't steal / upload my personal files)