- From: Randell Jesup <randell-ietf@jesup.org>
- Date: Thu, 09 Jan 2014 18:28:59 -0500
- To: public-webrtc@w3.org
On 1/9/2014 12:39 AM, cowwoc wrote: > Okay, so here is my second attempt at this: > > We should be able to share any part of the display that the > application does not control. Meaning, the webapp might allow users to > share the contents of Excel so long as it has no control over what > gets displayed by Excel. Similarly, it should be allowed to share any > browser tab so long as it plays within its own host/origin. > > Assuming that co-browsing is a non-goal for now, is the above > (read-only screen sharing) safe from a security point of view? There are security issues even for read-only sharing. If the application can control an iframe in the shared tab/window, it could flick up images of private data it normally couldn't access (even via writing to a canvas) due to cross-origin restrictions. Data such as bank accounts, private user pages, etc. If it also has access to the camera, it could even wait until you (and the other person) weren't looking. Effectively, the level of risk involved is somewhere between granting camera access (which risks privacy, but not online/monetary data) and a full native desktop install (often used for screen sharing) or a plugin (both of which in theory can have access to the entire PC). A security level roughly equivalent to a desktop install (or plugin install) is relatively safe, though users may not be as knowledgeable of the risks of plugin installs as they are of desktop installs. It is unusual and thus will tend to trigger some level of concern. Manually whitelisting sites/apps you trust to ask for screensharing is possible also; the downside might be that users would not understand the risks; the upside would be that you could tailor warnings (which we all know users read religiously and understand totally!) -- Randell Jesup -- rjesup a t mozilla d o t com
Received on Thursday, 9 January 2014 23:30:14 UTC