977971 - FxOS GUM indicators can be hidden if camera and microphone requested separately

Status: RESOLVED DUPLICATE of bug 942724

(Firefox OS Graveyard :: General, defect)

Description

[Paul Theriault [:pauljt] (no longer reading bugmail)]

So it appears that the indicators in the status bar and notification tray are only designed to deal with one app at a time using getUserMedia. This is normally the case since getUserMedia({video:true}) will fail if another app is already using the camera (same for audio). However if one app is using video, and one app is using audio, you can end up in a state where video is enabled, but there is no indicator shown.

For this test I installed two apps that basically have this page in them:
http://mozilla.github.io/webrtc-landing/gum_test.html

STR:
1. In app 1, start audio and accept the prompt
2. In app 2, start video and accept the prompt
3. Look at the notification tray - you will see that only app1 one is shown, and it is shown to be using the microphone.
4. Kill app 1, and the gUM notification will fade then disappear as normal
5. Go back to app 2, and you can see that video is still being captured, even though there is no notification in tray or red dot in status bar.

Expected Result:
Either the second call to gUM fails, or two status notifications should be shown (probably the latter, but will need a semaphore for tracking or something?)

Actual:
Video is still captured with no indication to the user.

Security Implications:

I'm marking this as security sensitive even though this is pre-release, just in case. While the steps above may sound unlikely, I'm pretty sure a lone app could achieve a similar result using web activities, iframes or some combination of the two. Its probably easier to fix than to construct that PoC though. If that were possible, this constitutes a pretty serious privacy issue, so I am marking this sec-high. One mitigation is the user does have to actually accept both prompts, so its not completely stealth.

Comment 1

[Maire Reavy [:mreavy]]

SC - May I assign this bug to you?  We need to resolve this bug ASAP for v1.4.  If you are unavailable, please let us know so that we can find a new owner.  I am copying CJ, Steven, and Ekr on this bug for their awareness.  Thank you.

Comment 2

[Ivan Tsay (:ITsay)]

Hi Maire,

S.C. is not available to work on this bug right away since today is the national holiday in Taiwan. For such urgent bug, is it possible to find a new owner from other regions?

Comment 3

[[:fabrice] Fabrice Desré]

I'll take a look tomorrow

Comment 4

[Jason Smith [:jsmith]]

We either need to fix this or turn off gUM video support. Either way - blocking+.

Comment 5

[Jason Smith [:jsmith]]

This might be a dupe of bug 942724.

Comment 6

[Shih-Chiang Chien [:schien] (UTC+8) (use ni? plz)]

yes, it is bug 942724 and it needs Gaia modification.

Comment 7

[Maire Reavy [:mreavy]]

I've marked this as dependent on bug 942724 (so that the 2 bugs are linked) in case there are any additional code changes (specific to gUM) that are needed after bug 942724 is fixed, but it may make more sense to close this as a dupe.  

SC -- Will there be any gUM-specific code changes needed after bug 942724 is fixed?  Or will multiple gUM notifications simply work once bug 942724 is fixed?

I'll make the rest of my comments in bug 942724.

Comment 8

[Shih-Chiang Chien [:schien] (UTC+8) (use ni? plz)]

Fix Gaia in bug 942724 is enough. Gecko part has done in Bug 940045.

Comment 9

[gasolin@mozilla.com]

please cc me in Bug 940045 thus I could better checking gaia part in bug 942724.

Comment 10

[Maire Reavy [:mreavy]]

Fred, I just added you to Bug 940045

Comment 11

[Jason Smith [:jsmith]]

Given that there are no additional code changes required here in gecko, I'm going to dupe this to the Gaia bug.