This is a discussion between me and me to understand an Isolated Storage issue. Can you help me to convince me about Isolated Storage?

This is code written for a Windows Forms application (reader) that read the isolated storage of another Windows Forms application (writer) which is signed. Where is the security if the reader can read the writer’s file? I thought only signed code can access the file!

If all .NET applications are born equal and have all permissions to access Isolated Storage, where is the security then? If I can install and run an EXE file from Isolated Storage, why I don’t install a virus and run it, I am trusted to access this area. But the virus or whatever will not be trusted to access the rest of file system, it only can access the memory, and this is dangerous enough.

I cannot see any difference between using the application data folder to save the state and using Isolated Storage except a long nasty path!!

I want to try give low trust to reader code and retest, but they said “Isolated storage is actually created for giving low trusted application the right to save its state”.

Reader code:

 private void button1_Click(object sender, EventArgs e)
 {
     String path = @"C:\Documents and Settings\All Users\Application Data\IsolatedStorage\efv5cmbz.ewt\2ehuny0c.qvv\StrongName.5v3airc2lkv0onfrhsm2h3uiio35oarw\AssemFiles\toto12\ABC.txt";
     StreamReader reader = new StreamReader(path);
     var test = reader.ReadLine();
     reader.Close();
 }

Writer:

private void button1_Click(object sender, EventArgs e)
{
    IsolatedStorageFile isolatedFile = IsolatedStorageFile.GetMachineStoreForAssembly();
    isolatedFile.CreateDirectory("toto12");

    IsolatedStorageFileStream isolatedStorage = new IsolatedStorageFileStream(@"toto12\ABC.txt", System.IO.FileMode.Create, isolatedFile);
    StreamWriter writer = new StreamWriter(isolatedStorage);
    writer.WriteLine("Ana 2akol we ashrab kai a3eesh wa akbora");
    writer.Close();
    writer.Dispose();
}