Not sure how long this one has been around but in testing and tweaking 45.8ESR for updated eee-spins, I found this in about config
media.getusermedia.screensharing.enabled;false
media.getusermedia.screensharing.allowed_domains;
except line 1 was default true, and line 2 had all sorts of domain-names.
Posted for those of us not needing this function. It has potential for serious abuse, thus posted here.
Regards
8Geee
Screen Sharing in FireFox
Screen Sharing in FireFox
Linux user #498913 "Some people need to reimagine their thinking."
"Zuckerberg: a large city inhabited by mentally challenged people."
"Zuckerberg: a large city inhabited by mentally challenged people."
-
- Posts: 1543
- Joined: Mon 22 Feb 2016, 19:43
I checked Firefox 52.1esr and it is set to true there too. According to here, that list is now useless/ignored though (?):
https://wiki.mozilla.org/Screensharing
https://wiki.mozilla.org/Screensharing
I was using something called rabb.it where you share your screen (and audio) for people, I wonder if that's the same thing.IMPORTANT: The Screensharing whitelist is no longer needed to share your screen or windows starting Firefox 52 (April). Please let us know if you find any problems!
If anyone has concerns about the ability of the browser to screenshare (either explicitly via that config list) or automatically as enabled in newer browsers it may be worth investigating exactly what webRTC enabled browsers are capable of.
It appears to me that modern browsers have an inbuilt ability to share the screen, and webcam, and microphone on demand. The question is - how much security is built around those functions and can we feel safe that we have total control over them?
When I use Chrome I see various funny messages from other programmes suggesting that the browser has already taken control over various functions of my sound card - without it ever having asked my permission to do so.
Don't know about more recent Firefox versions as I am still using 17.0ESR
It appears to me that modern browsers have an inbuilt ability to share the screen, and webcam, and microphone on demand. The question is - how much security is built around those functions and can we feel safe that we have total control over them?
When I use Chrome I see various funny messages from other programmes suggesting that the browser has already taken control over various functions of my sound card - without it ever having asked my permission to do so.
Don't know about more recent Firefox versions as I am still using 17.0ESR