W3C home > Mailing lists > Public > public-device-apis@w3.org > December 2009

Re: UI for enabling webcam use from untrusted content

From: Kenton Varda <kenton@google.com>
Date: Fri, 11 Dec 2009 10:56:42 -0800
Message-ID: <4112ecad0912111056l68866a1ci1e077e6b6b999205@mail.gmail.com>
To: Ian Hickson <ian@hixie.ch>
Cc: "public-device-apis@w3.org" <public-device-apis@w3.org>
On Fri, Dec 11, 2009 at 10:31 AM, Ian Hickson <ian@hixie.ch> wrote:

> On Fri, 11 Dec 2009, Kenton Varda wrote:
> > On Fri, Dec 11, 2009 at 8:40 AM, Ian Hickson <ian@hixie.ch> wrote:
> > >
> > > I think once we've given a site access to the bits coming from the
> > > camera, we've got no way of knowing what the site is doing with the
> > > data, so we have to treat them as equivalent.
> >
> > Well, if there were a way for a script to be prohibited from
> > communicating with anything (remote servers, other processes on the
> > system, etc.), then you could safely give it access to the camera.
> > This could be a useful security property it some cases, but probably
> > isn't worth pursuing for the moment.  This relates to the
> > (un-Googlably-named) "*-Property":
> >
> > http://en.wikipedia.org/wiki/Bell-La_Padula_model
>
> You'd also have to block access to the local storage and cookie stores,
> and workers, and block access to other frames and windows, and prevent new
> CSS rules from being added, and prevent the user from clicking any links
> in the page. I'm not sure it'd be particularly useful.
>

I agree.
Received on Friday, 11 December 2009 18:57:42 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Wednesday, 9 May 2012 00:14:03 GMT