- From: Kenton Varda <kenton@google.com>
- Date: Fri, 11 Dec 2009 10:56:42 -0800
- To: Ian Hickson <ian@hixie.ch>
- Cc: "public-device-apis@w3.org" <public-device-apis@w3.org>
Received on Friday, 11 December 2009 18:57:42 UTC
On Fri, Dec 11, 2009 at 10:31 AM, Ian Hickson <ian@hixie.ch> wrote: > On Fri, 11 Dec 2009, Kenton Varda wrote: > > On Fri, Dec 11, 2009 at 8:40 AM, Ian Hickson <ian@hixie.ch> wrote: > > > > > > I think once we've given a site access to the bits coming from the > > > camera, we've got no way of knowing what the site is doing with the > > > data, so we have to treat them as equivalent. > > > > Well, if there were a way for a script to be prohibited from > > communicating with anything (remote servers, other processes on the > > system, etc.), then you could safely give it access to the camera. > > This could be a useful security property it some cases, but probably > > isn't worth pursuing for the moment. This relates to the > > (un-Googlably-named) "*-Property": > > > > http://en.wikipedia.org/wiki/Bell-La_Padula_model > > You'd also have to block access to the local storage and cookie stores, > and workers, and block access to other frames and windows, and prevent new > CSS rules from being added, and prevent the user from clicking any links > in the page. I'm not sure it'd be particularly useful. > I agree.
Received on Friday, 11 December 2009 18:57:42 UTC