- From: Harald Alvestrand <harald@alvestrand.no>
- Date: Mon, 07 Apr 2014 16:24:23 +0200
- To: whatwg@lists.whatwg.org
On 04/02/2014 07:52 PM, Ian Hickson wrote: > On Mon, 3 Mar 2014, Ami Fischman wrote: >> Looks like we're back in business: >> >> Latest editor's draft: >> http://dev.w3.org/2011/webrtc/editor/getusermedia.html > Thanks. > > As a user, this scares me a lot. Why isn't it up to me to control this? I > don't understand the security model here at all. I don't want random Web > pages to know that they can pipe audio to the remote speakers in my > bedroom from my laptop, but if we just expose all the audio output > devices, that's exactly what will be possible. > > Without a much clearer security model, I don't think it's a good idea to > add any APIs. > Would it make sense to group the access to sinks in with access to sources - that is, "this page wants access to your cameras, microphones and audio output devices"? (either on a per-device basis or as an all-or-nothing prompting)
Received on Monday, 7 April 2014 15:59:51 UTC