Details
Manages a Windows app’s ability to share data between users who have installed the app. Data is shared through the SharedLocal folder. This folder is available through the Windows.Storage API.
The recommended state for this setting is: Disabled.
Rationale:
Users of a system could accidentally share sensitive data with other users on the same system.
Impact:
None – this is the default behavior.
Solution
To establish the recommended configuration via GP, set the following UI path to Disabled:
Computer ConfigurationPoliciesAdministrative TemplatesWindows ComponentsApp Package DeploymentAllow a Windows app to share application data between users
Note: This Group Policy path may not exist by default. It is provided by the Group Policy template AppxPackageManager.admx/adml that is included with the Microsoft Windows 10 RTM (Release 1507) Administrative Templates (or newer).
Default Value:
Disabled. (Windows apps won’t be able to share app data with other instances of that app.)
Supportive Information
The following resource is also helpful.
This security hardening control applies to the following category of controls within NIST 800-53: Access Control, Media Protection.This control applies to the following type of system Windows.