An <action> applies to all <operations> that follow it, until the next <action> is encountered. Thus, "irwad" means "ignore read and write, allow delete."
GetProperty and RotateProperties may do multiple operations (r and d, or r and w). If different actions apply to the operations, the most severe action is applied to the whole request; there is no partial request execution. The severity ordering is:
allow < ignore < error
Thus, if the <perms> for a property are ired (ignore read, error delete), and an untrusted client attempts GetProperty on that property with delete=True, an error is returned, but the property value is not. Similarly, if any of the properties in a RotateProperties do not allow both read and write, an error is returned without changing any property values.
Here is an example security policy file.
# Allow reading of application resources, but not writing.
property RESOURCE_MANAGER | root | ar iw |
property SCREEN_RESOURCES | root | ar iw |
#Ignore attempts to use cut buffers. Giving errors causes apps to crash,
#and allowing access may give away too much information.
property CUT_BUFFER0 root irw property CUT_BUFFER1 root irw property CUT_BUFFER2 root irw property CUT_BUFFER3 root irw property CUT_BUFFER4 root irw property CUT_BUFFER5 root irw property CUT_BUFFER6 root irw property CUT_BUFFER7 root irw
# If you are using Motif, you may want these. |
| |
property _MOTIF_DEFAULT_BINDINGS | root ar iw | |
property _MOTIF_DRAG_WINDOW | root | ar iw |
property _MOTIF_DRAG_TARGETS | any | ar iw |
property _MOTIF_DRAG_ATOMS | any ar iw | |
property _MOTIF_DRAG_ATOM_PAIRS any | ar iw | |
# The next two rules let xwininfo
#Allow read of WM_CLASS, but only for windows with WM_NAME.
#This might be more restrictive than necessary, but demonstrates
#the <required property> facility, and is also an attempt to
Page 149 | Graphics Administration Guide for |