<sitepolicy> lines are currently ignored. They are intended to specify the site policies used by the XC-
<access rule> lines specify how the server should react to untrusted client requests that affect the X Window property named <property/ar>. The rest of this section describes the interpretation of an access rule.
For an <access rule> to apply to a given instance of <property/ar>, <property/ar> must be on a window that is in the set of windows specified by <window>. If <window> is any, the rule applies to <property/ar> on any window. If <window> is root, the rule applies to <property/ar> only on root windows.
If <window> is required property, the following apply. If required property is a <property/rp>, the rule applies when the <window> also has that <property/rp>, regardless of its value. If required property is a <property with value>, <property/rpv > must also have the value specified by <string/rv>. In this case, the property must have type STRING and format 8, and should contain one or more
The definition of string matching is simple
There may be multiple <access rule> lines for a given <property/ar>. The rules are tested in the order that they appear in the file. The first rule that applies is used.
<perms> specify operations that untrusted clients may attempt, and the actions that the server should take in response to those operations.
<operation> can be r (read), w (write), or d (delete). The following table shows how X Protocol property requests map to these operations in The Open Group server implementation.
GetProperty | r, or r and d if delete=True |
ChangeProperty | w |
RotateProperties | r and w |
DeleteProperty | d |
ListProperties | none, untrusted clients can always list all properties |
<action> can be "a" (allow), "i" (ignore), or "e" (error). "Allow" means execute the request as if it had been issued by a trusted client. "Ignore" means treat the request as a
Page 148 | Graphics Administration Guide for |