Details
This setting controls website access and use of system serial port.
Do not allow any site to request access to serial ports via the Serial API (2)
Allow sites to ask the user to grant access to a serial port (3)
The recommended state for this setting is: Do not allow any site to request access to serial ports via the Serial API (2)
NOTE: If more granular control is needed (per website) then this setting can be used in combination with the SerialAllowAllPortsForUrls, SerialAskForUrls and SerialBlockedForUrls settings. For example, SerialAllowAllPortsForUrls can be used to allow serial port access to specific sites. Please see the references below for more information.
Rationale:
Preventing access to system serial ports may prevent malicious sites from using these port and accessing the devices attached.
Impact:
This setting would also prevent legitimate sites from accessing it as well.
Solution
To establish the recommended configuration via GP, set the following UI path to Enabled: Do not allow any site to request access to serial ports via the Serial API:
Computer ConfigurationAdministrative TemplatesGoogleGoogle ChromeContent settingsControl use of the Serial API
Default Value:
Unset (Same as Enabled with Allow sites to ask the user to grant access to a serial port, but user can change)
Supportive Information
The following resource is also helpful.
This security hardening control applies to the following category of controls within NIST 800-53: Configuration Management.This control applies to the following type of system Windows.