- From: Ian Hickson <ian@hixie.ch>
- Date: Fri, 11 Dec 2009 18:31:55 +0000 (UTC)
- To: Kenton Varda <kenton@google.com>
- Cc: "public-device-apis@w3.org" <public-device-apis@w3.org>
On Fri, 11 Dec 2009, Kenton Varda wrote: > On Fri, Dec 11, 2009 at 8:40 AM, Ian Hickson <ian@hixie.ch> wrote: > > > > I think once we've given a site access to the bits coming from the > > camera, we've got no way of knowing what the site is doing with the > > data, so we have to treat them as equivalent. > > Well, if there were a way for a script to be prohibited from > communicating with anything (remote servers, other processes on the > system, etc.), then you could safely give it access to the camera. > This could be a useful security property it some cases, but probably > isn't worth pursuing for the moment. This relates to the > (un-Googlably-named) "*-Property": > > http://en.wikipedia.org/wiki/Bell-La_Padula_model You'd also have to block access to the local storage and cookie stores, and workers, and block access to other frames and windows, and prevent new CSS rules from being added, and prevent the user from clicking any links in the page. I'm not sure it'd be particularly useful. -- Ian Hickson U+1047E )\._.,--....,'``. fL http://ln.hixie.ch/ U+263A /, _.. \ _\ ;`._ ,. Things that are impossible just take longer. `._.-(,_..'--(,_..'`-.;.'
Received on Friday, 11 December 2009 18:32:30 UTC