Information
This setting allows access to local files by allowing file selection dialogs in Google Chrome.
The recommended state for this setting is: Disabled (0)
Rationale:
Allowing users to import favorites, upload files, and save links could pose potential security risks by allowing data to be uploaded to external sites or by downloading malicious files. By not allowing the file selection dialog, the end-user will not be prompted for uploads/downloads, preventing data exfiltration and possible system infection by malware.
Impact:
If you disable this setting, users will no longer be prompted when performing actions which would trigger a file selection dialog. Instead, the file selection dialog box assumes the user clicked 'Cancel'. Being as this is not the default behavior, impact to the user will be noticeable, and the user will not be able to upload and download files.
Solution
To establish the recommended configuration via GP, set the following UI path to Disabled:
Computer Configuration\Policies\Administrative Templates\Google\Google Chrome\Allow invocation of file selection dialogs
Default Value:
Unset (Same as Enabled, but user can change)