On 2012-04-17 6:05 PM, Lucas Adamski wrote:
On 4/17/2012 11:31 AM, Zack Weinberg wrote:
But we have an alternative ready-to-hand, without falling back to
permissions dialogs: video recording mode. If
WebGL-preview-until-user-authorizes-still isn't good enough, ask
for permission to record video; that gives access to the raw video
stream (until the user presses the button again) and an API to take
stills whenever you want.
I'm guessing by "video recording mode" you really mean "full camera
access"? I ask because video frame capture is not comparable to
photo capture from a quality standpoint, but we could grant the app
the ability to take unlimited pictures for that period of time.
Lucas.
Right. I called it 'video recording mode' because I think that will be
the appropriate presentation to the user. I wouldn't bother having
"take stills without further user intervention starting now (until
revoked)" be a distinct capability from "record video starting now
(until revoked)". And I think this also covers the time lapse
photography scenario: if you've set up a camera for time lapse, you've
probably put it in a fixed location and aren't going to touch it for a
while, so the app can stay in the foreground. Similarly for baby monitors.
There _is_ a more powerful capability that we may want to have available
to a small handful of apps: "turn on the camera at some indefinite time
in the future, without user interaction at the time". The only use case
I can think of for that is an anti-device-theft system (turn on the
camera, GPS, etc. remotely and try to figure out where the device is - I
understand iPhones can do this), and maybe that should just be built
into the TCB rather than being an add-on. But this does point at a
general hole in the implicit authorization model: you can't use it to
grant authorization to do something under programmatic conditions at
some time in the future. Maybe there could be a special scheduler
powerbox for that, though.
zw
_______________________________________________
dev-security mailing list
[email protected]
https://lists.mozilla.org/listinfo/dev-security
