App-V packages, run inside a virtual environment (or bubble)
In App-V 5 one can pull random processes/programs into an App-V environment.
1. On any executable, add the /appvve:<PackageID>_<VersionID> of the sequence in which one would like the executable to run
2. If the process is already running then use the /appvpid:<ProcessId> to inject into a running App-V virtual environment
3. If you want something more permanent, you can set the HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\AppV\Client\RunVirtual\<YourApplicationName> with a default REG_SZ key that has the executable name in it
In a picture, this is what it looks like:
This is all pretty amazing but it got me thinking, what happens if an application inside the virtual environment launches another non-App-V process, does it launch within the virtual environment (one would hope it does) or not.
To test how the launch works, I wrote a very simple application, that enumerates all the modules in a process and also (re)launches itself. I then would launch it with the /appvve switch and check so see by looking for a sentinel value whether the process was in the virtual environment or not.
The sentinel value appears to be AppVEntSubsystems32.dll (presumably AppVEntSubsystems64.dll for 64 bit processes).
The results are conclusive, as one as one can see the second process does launch and it launches without an extra work inside the virtual environment, as one would expect.
Here are is the result:
Here is a download link for the ProcessLauncher application if you would like to try this yourself.