While playing around with Silverlight 4 and working on my demos for my talk on Tuesday at the Cleveland WPF User Group, I came across a peculiar situation.

I’ve got a webcam demo and wanted to see just what I could do with it to add my touches to it.  Of course, being the curious one, I had to wonder… “What if I denied access to my devices?  How does this really work?”

My setup, for reference:

 

And the permissions:

 

 

 

From what I was able to find out in my testing, it looks like the permissions work properly when in the browser (using Google Chrome).  However, when I run this as an out-of-browser app, it looks like the permissions are getting ignored.

Here’s my app in the browser:

 

And when it’s outside of the browser, I get this:

 

 

Is this really how these permissions are supposed to be working?  Am I missing something?  As an end user, if I told an application not to use my webcam but installed it to my desktop for other cool features (maybe an enhanced Twitter client or something), I wouldn’t want it to access my webcam.

* Edited 5/16/2010, 1:32AM Eastern Time*

So after seeing Dave Swersky‘s comment and looking into some other configurations, this is what I found out:

 

  • Webcam/mic permissions apply in-browser as expected
  • Webcam/mic permissions apply as expected when out-of-browser without elevated permissions.
  • Explicit webcam/mic deny permissions are being ignored when out-of-browser with elevated permissions.
So if I wanted to do an enhanced Twitter client with webcam/mic access and have a quirky end user who denies access to those resources, their quirks will be raised if they run the app out-of-browser, because chances are high that I’ll be creating an app with custom chrome, which needs elevated access to work.