My DesktopBridge full trust app ships with a few DLLs I want to be able to load from another non-packaged 3rd party app (via injection).
The issue is that the permissions on the DLLs are set such that only application packages can "Read & Execute" while users can only "Read".
As the result the 3rd party regular desktop app is unable to load the DLLs with ERROR_ACCESS_DENIED.
So the question is: can my DesktopBridge app somehow mark the DLL as "Read & Execute" for the Users group without going through UAC (it seems the files are owned by SYSTEM)?
P.S. Why is Execute permission not given, but Read is?
This is not generally possible since your application could be uninstalled / serviced at any time, meaning the DLLs are no longer available to those other applications. The permissions are, at least in part, meant to prevent just this thing from happening.
MSIX supports a proper extension mechanism, but it relies on an out-of-process architecture and requires the target applications to be updated as well.
If you are dynamically injecting the DLLs and are in control of the lifetime of the other processes, you could temporarily copy the DLLs from your install location to another location on disk, load them into the other processes, then delete the copies after they are no longer in use.
This is also not recommended, since it runs the risk of leaving those DLLs around if you have a crash or other bug. Nevertheless, it "works" if you have specific requirements that absolutely need this combination to work (you must be MSIX-packaged for reason X, and you must inject the DLLs in-process with the other non-packaged apps for reason Y) and, ideally, you are not broadly distributing this app due to the drawbacks of the approach.