diff options
Diffstat (limited to 'os')
| -rw-r--r-- | os/access.c | 6 | ||||
| -rw-r--r-- | os/connection.c | 6 |
2 files changed, 4 insertions, 8 deletions
diff --git a/os/access.c b/os/access.c index cdb17589c..d61edeffc 100644 --- a/os/access.c +++ b/os/access.c @@ -202,9 +202,7 @@ SOFTWARE. #include "dixstruct.h" #include "osdep.h" -#ifdef XACE #include "xace.h" -#endif #ifndef PATH_MAX #ifdef MAXPATHLEN @@ -1528,11 +1526,11 @@ AuthorizedClient(ClientPtr client) { if (!client || defeatAccessControl) return TRUE; -#ifdef XACE + /* untrusted clients can't change host access */ if (!XaceHook(XACE_HOSTLIST_ACCESS, client, SecurityWriteAccess)) return FALSE; -#endif + return LocalClient(client); } diff --git a/os/connection.c b/os/connection.c index 100f1e522..ffe911e45 100644 --- a/os/connection.c +++ b/os/connection.c @@ -148,9 +148,7 @@ extern __const__ int _nfiles; #ifdef XAPPGROUP #include "appgroup.h" #endif -#ifdef XACE #include "xace.h" -#endif #ifdef XCSECURITY #include "securitysrv.h" #endif @@ -750,9 +748,9 @@ ClientAuthorized(ClientPtr client, /* indicate to Xdmcp protocol that we've opened new client */ XdmcpOpenDisplay(priv->fd); #endif /* XDMCP */ -#ifdef XACE + XaceHook(XACE_AUTH_AVAIL, client, auth_id); -#endif + /* At this point, if the client is authorized to change the access control * list, we should getpeername() information, and add the client to * the selfhosts list. It's not really the host machine, but the |