XACE: Make the default window background state configurable per-window.

To recap: the original XC-SECURITY extension disallowed background "None" if the window was untrusted. XACE 1.0 preserved this check as a hook function. XACE pre-2.0 removed the hook and first abolished background "None entirely, then restored it as a global on/off switch in response to Bug #13683. Now it's back to being per-window, via a flag instead of a hook function.
author: Eamon Walsh <ewalsh@tycho.nsa.gov> 2008-02-15 19:53:45 -0500
committer: Eamon Walsh <ewalsh@moss-charon.epoch.ncsc.mil> 2008-02-20 15:59:40 -0500
commit: f343265a289724c81017f089c024a7618267c4e3 (patch)
tree: 2cf79ba31a1375d68237c77b813d79e9d72c665b /Xext/security.c
parent: 7c2f0a8befb310707ea923dbcdfde84521e52c88 (diff)
1 files changed, 5 insertions, 0 deletions
diff --git a/Xext/security.c b/Xext/security.c
index a3cde2cec..27ef38205 100644
--- a/Xext/security.c
+++ b/Xext/security.c
@@ -810,6 +810,11 @@ SecurityResource(CallbackListPtr *pcbl, pointer unused, pointer calldata)
     subj = dixLookupPrivate(&rec->client->devPrivates, stateKey);
     obj = dixLookupPrivate(&clients[cid]->devPrivates, stateKey);
 
+    /* disable background None for untrusted windows */
+    if ((requested & DixCreateAccess) && (rec->rtype == RT_WINDOW))
+	if (subj->haveState && subj->trustLevel != XSecurityClientTrusted)
+	    ((WindowPtr)rec->res)->forcedBG = TRUE;
+
     /* special checks for server-owned resources */
     if (cid == 0) {
 	if (rec->rtype & RC_DRAWABLE)
author	Eamon Walsh <ewalsh@tycho.nsa.gov>	2008-02-15 19:53:45 -0500
committer	Eamon Walsh <ewalsh@moss-charon.epoch.ncsc.mil>	2008-02-20 15:59:40 -0500
commit	f343265a289724c81017f089c024a7618267c4e3 (patch)
tree	2cf79ba31a1375d68237c77b813d79e9d72c665b /Xext/security.c
parent	7c2f0a8befb310707ea923dbcdfde84521e52c88 (diff)