Details
This setting controls website access and use system sensors such as motion and light.
Allow sites to access sensors (1)
Do not allow any site to access sensors (2)
The recommended state for this setting is: Do not allow any site to access sensors (2)
The recommended state for this setting is: Enabled with a value of Do not allow any site to access sensors
NOTE: If more granular control is needed (per website) then this setting can be used in combination with the SensorsAllowedForUrls and SensorsBlockedForUrls settings. For example, SensorsAllowedForUrls can be used to allow sensor access to specific sites. Please see the references below for more information.
Rationale:
Preventing access to system sensors may prevent malicious sites from using these sensors for user profiling (OpSec).
Impact:
This setting would also prevent legitimate sites from accessing it as well.
Solution
To establish the recommended configuration via GP, set the following UI path to Enabled: Do not allow any site to access sensors:
Computer ConfigurationAdministrative TemplatesGoogleGoogle ChromeContent settingsDefault sensors setting
Default Value:
Unset (Same as Enabled with a value of Allow sites to access sensors, but user can change)
Supportive Information
The following resource is also helpful.
This security hardening control applies to the following category of controls within NIST 800-53: Configuration Management.This control applies to the following type of system Windows.