
Since Chrome implements this pop-up box, how does Electron handle permissions? From Electron’s documentation:

“In Electron the permission API is based on Chromium and implements the same types of permissions. By default, Electron will automatically approve all permission requests unless the developer has manually configured a custom handler. While a solid default, security-conscious developers might want to assume the very opposite.”

This approval can lead to serious security and privacy consequences if the renderer process of the Electron application were to be compromised via unsafe navigation (e.g., open redirect, clicking links) or cross-site scripting. We decided to investigate how Electron implements various permission checks, compare Electron’s behavior to that of Chrome, and determine how a compromised renderer process may be able to abuse web APIs.

Webcam, Microphone, and Screen Recording Permissions

The webcam, microphone, and screen recording functionalities present a serious risk to users when approval is granted by default. Without implementing a permission handler, an Electron app’s renderer process will have access to a user’s webcam and microphone. However, screen recording requires the Electron app to have configured a source via a desktopCapturer in the main process. This leaves little room for exploitability from the renderer process, unless the application already needs to record a user’s screen.

Electron groups these three into one permission, “media”. In Chrome, these permissions are separate. Electron’s lack of separation between these three is problematic because there may be cases where an application only requires the microphone, for example, but must also be granted access to record video. By default, the application would not have the capability to deny access to video without also denying access to audio. For those wondering, modern Electron apps that seemingly handle microphone and video permissions separately are only tracking and respecting the user’s choices in their own UI. An attacker with a compromised renderer could still access any media.
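The deny-by-default handler the documentation hints at, as an added example that is not code from the original post or from Electron itself. The origin allow-list (https://app.example.test) and the permission names it holds are constructed for illustration; the decision logic is kept separate from Electron so it can be exercised without a running app.

```javascript
// Added example (not from the original post): a deny-by-default permission
// request handler for an Electron main process. Because Electron groups webcam,
// microphone and (given a desktopCapturer source) screen capture under the
// single 'media' permission, granting 'media' is all-or-nothing.

// Constructed policy: only the app's own packaged origin may hold 'media'.
// Any origin not listed here (e.g. one reached through an open redirect or
// XSS-driven navigation in the renderer) receives nothing.
const DEFAULT_POLICY = {
  'https://app.example.test': new Set(['media', 'notifications']),
};

/**
 * Decide whether a permission request should be granted.
 * @param {string} permission    Electron permission name, e.g. 'media'.
 * @param {string} requestingUrl URL of the frame that made the request.
 * @param {object} policy        origin -> Set of permitted permission names.
 * @returns {boolean} true to grant, false to deny.
 */
function decidePermission(permission, requestingUrl, policy = DEFAULT_POLICY) {
  let origin;
  try {
    origin = new URL(requestingUrl).origin; // normalises scheme, host and port
  } catch {
    return false; // unparsable or missing URL: deny
  }
  const allowed = policy[origin];
  return allowed !== undefined && allowed.has(permission);
}

/**
 * Wire the policy into an Electron session. Call from the main process after
 * the 'ready' event, e.g. installPermissionHandler(session.defaultSession).
 * The session is passed in so this module has no hard dependency on Electron.
 */
function installPermissionHandler(session, policy = DEFAULT_POLICY) {
  session.setPermissionRequestHandler((webContents, permission, callback, details) => {
    // details.requestingUrl is the last URL the requesting frame loaded;
    // fall back to the WebContents URL if it is absent.
    const url = (details && details.requestingUrl) || webContents.getURL();
    callback(decidePermission(permission, url, policy));
  });
}

module.exports = { decidePermission, installPermissionHandler, DEFAULT_POLICY };
```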
