summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--.gitignore2
-rw-r--r--Xext/Makefile.am7
-rw-r--r--Xext/SecurityPolicy86
-rw-r--r--doc/Makefile.am2
-rw-r--r--doc/SecurityPolicy.man.pre258
-rw-r--r--doc/Xserver.man.pre13
6 files changed, 1 insertions, 367 deletions
diff --git a/.gitignore b/.gitignore
index 27132c0f9..1213d9993 100644
--- a/.gitignore
+++ b/.gitignore
@@ -92,8 +92,6 @@ cfb32/cfbzerarcG.c
cfb32/cfbzerarcX.c
doc/Xserver.1x
doc/Xserver.man
-doc/SecurityPolicy.5
-doc/SecurityPolicy.man
hw/dmx/Xdmx
hw/dmx/Xdmx.1x
hw/dmx/config/dmxtodmx
diff --git a/Xext/Makefile.am b/Xext/Makefile.am
index 6fe1c3488..f57e59910 100644
--- a/Xext/Makefile.am
+++ b/Xext/Makefile.am
@@ -33,9 +33,6 @@ MODULE_SRCS = \
sync.c \
xcmisc.c
-# Extra configuration files ship with some extensions
-SERVERCONFIG_DATA =
-
# Optional sources included if extension enabled by configure.ac rules
# MIT Shared Memory extension
@@ -86,9 +83,6 @@ endif
XCSECURITY_SRCS = security.c securitysrv.h
if XCSECURITY
BUILTIN_SRCS += $(XCSECURITY_SRCS)
-
-SERVERCONFIG_DATA += SecurityPolicy
-AM_CFLAGS += -DDEFAULTPOLICYFILE=\"$(SERVERCONFIGdir)/SecurityPolicy\"
endif
XCALIBRATE_SRCS = xcalibrate.c
@@ -166,7 +160,6 @@ libXextmodule_la_SOURCES = $(MODULE_SRCS)
endif
EXTRA_DIST = \
- $(SERVERCONFIG_DATA) \
$(MITSHM_SRCS) \
$(XV_SRCS) \
$(RES_SRCS) \
diff --git a/Xext/SecurityPolicy b/Xext/SecurityPolicy
deleted file mode 100644
index 04dfb0e6b..000000000
--- a/Xext/SecurityPolicy
+++ /dev/null
@@ -1,86 +0,0 @@
-version-1
-
-# $Xorg: SecurityPolicy,v 1.3 2000/08/17 19:47:56 cpqbld Exp $
-
-# Property access rules:
-# property <property> <window> <permissions>
-# <window> ::= any | root | <propertyselector>
-# <propertyselector> ::= <property> | <property>=<value>
-# <permissions> :== [ <operation> | <action> | <space> ]*
-# <operation> :== r | w | d
-# r read
-# w write
-# d delete
-# <action> :== a | i | e
-# a allow
-# i ignore
-# e error
-
-# Allow reading of application resources, but not writing.
-property RESOURCE_MANAGER root ar iw
-property SCREEN_RESOURCES root ar iw
-
-# Ignore attempts to use cut buffers. Giving errors causes apps to crash,
-# and allowing access may give away too much information.
-property CUT_BUFFER0 root irw
-property CUT_BUFFER1 root irw
-property CUT_BUFFER2 root irw
-property CUT_BUFFER3 root irw
-property CUT_BUFFER4 root irw
-property CUT_BUFFER5 root irw
-property CUT_BUFFER6 root irw
-property CUT_BUFFER7 root irw
-
-# If you are using Motif, you probably want these.
-property _MOTIF_DEFAULT_BINDINGS root ar iw
-property _MOTIF_DRAG_WINDOW root ar iw
-property _MOTIF_DRAG_TARGETS any ar iw
-property _MOTIF_DRAG_ATOMS any ar iw
-property _MOTIF_DRAG_ATOM_PAIRS any ar iw
-
-# If you are running CDE you also need these
-property _MOTIF_WM_INFO root arw
-property TT_SESSION root irw
-property WM_ICON_SIZE root irw
-property "SDT Pixel Set" any irw
-
-# The next two rules let xwininfo -tree work when untrusted.
-property WM_NAME any ar
-
-# Allow read of WM_CLASS, but only for windows with WM_NAME.
-# This might be more restrictive than necessary, but demonstrates
-# the <required property> facility, and is also an attempt to
-# say "top level windows only."
-property WM_CLASS WM_NAME ar
-
-# These next three let xlsclients work untrusted. Think carefully
-# before including these; giving away the client machine name and command
-# may be exposing too much.
-property WM_STATE WM_NAME ar
-property WM_CLIENT_MACHINE WM_NAME ar
-property WM_COMMAND WM_NAME ar
-
-# To let untrusted clients use the standard colormaps created by
-# xstdcmap, include these lines.
-property RGB_DEFAULT_MAP root ar
-property RGB_BEST_MAP root ar
-property RGB_RED_MAP root ar
-property RGB_GREEN_MAP root ar
-property RGB_BLUE_MAP root ar
-property RGB_GRAY_MAP root ar
-
-# To let untrusted clients use the color management database created
-# by xcmsdb, include these lines.
-property XDCCC_LINEAR_RGB_CORRECTION root ar
-property XDCCC_LINEAR_RGB_MATRICES root ar
-property XDCCC_GRAY_SCREENWHITEPOINT root ar
-property XDCCC_GRAY_CORRECTION root ar
-
-# To let untrusted clients use the overlay visuals that many vendors
-# support, include this line.
-property SERVER_OVERLAY_VISUALS root ar
-
-# Only trusted extensions can be used by untrusted clients
-trust extension XC-MISC
-trust extension BIG-REQUESTS
-trust extension XpExtension
diff --git a/doc/Makefile.am b/doc/Makefile.am
index ce1979d4f..d3911c9bf 100644
--- a/doc/Makefile.am
+++ b/doc/Makefile.am
@@ -5,7 +5,7 @@ filemandir = $(FILE_MAN_DIR)
# (i.e. those handled in the os/utils.c options processing instead of in
# the DDX-level options processing)
appman_PRE = Xserver.man.pre
-fileman_PRE = SecurityPolicy.man.pre
+fileman_PRE =
appman_PROCESSED = $(appman_PRE:man.pre=man)
fileman_PROCESSED = $(fileman_PRE:man.pre=man)
diff --git a/doc/SecurityPolicy.man.pre b/doc/SecurityPolicy.man.pre
deleted file mode 100644
index f5aff0c6c..000000000
--- a/doc/SecurityPolicy.man.pre
+++ /dev/null
@@ -1,258 +0,0 @@
-.\" Split out of Xserver.man, which was covered by this notice:
-.\" Copyright 1984 - 1991, 1993, 1994, 1998 The Open Group
-.\"
-.\" Permission to use, copy, modify, distribute, and sell this software and its
-.\" documentation for any purpose is hereby granted without fee, provided that
-.\" the above copyright notice appear in all copies and that both that
-.\" copyright notice and this permission notice appear in supporting
-.\" documentation.
-.\"
-.\" The above copyright notice and this permission notice shall be included
-.\" in all copies or substantial portions of the Software.
-.\"
-.\" THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
-.\" OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
-.\" MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
-.\" IN NO EVENT SHALL THE OPEN GROUP BE LIABLE FOR ANY CLAIM, DAMAGES OR
-.\" OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE,
-.\" ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR
-.\" OTHER DEALINGS IN THE SOFTWARE.
-.\"
-.\" Except as contained in this notice, the name of The Open Group shall
-.\" not be used in advertising or otherwise to promote the sale, use or
-.\" other dealings in this Software without prior written authorization
-.\" from The Open Group.
-.\" $XFree86: xc/programs/Xserver/Xserver.man,v 3.31 2004/01/10 22:27:46 dawes Exp $
-.\" shorthand for double quote that works everywhere.
-.ds q \N'34'
-.TH SecurityPolicy __filemansuffix__ __xorgversion__
-.SH NAME
-SecurityPolicy \- X Window System SECURITY Extension Policy file format
-.SH DESCRIPTION
-The SECURITY extension to the X Window System uses a policy file to determine
-which operations should be allowed or denied. The default location for this
-file is
-.IR __projectroot__/lib/xserver/SecurityPolicy .
-.PP
-The syntax of the security policy file is as follows.
-Notation: "*" means zero or more occurrences of the preceding element,
-and "+" means one or more occurrences. To interpret <foo/bar>, ignore
-the text after the /; it is used to distinguish between instances of
-<foo> in the next section.
-.PP
-.nf
-<policy file> ::= <version line> <other line>*
-
-<version line> ::= <string/v> '\en'
-
-<other line > ::= <comment> | <access rule> | <site policy> | <blank line>
-
-<comment> ::= # <not newline>* '\en'
-
-<blank line> ::= <space> '\en'
-
-<site policy> ::= sitepolicy <string/sp> '\en'
-
-<access rule> ::= property <property/ar> <window> <perms> '\en'
-
-<property> ::= <string>
-
-<window> ::= any | root | <required property>
-
-<required property> ::= <property/rp> | <property with value>
-
-<property with value> ::= <property/rpv> = <string/rv>
-
-<perms> ::= [ <operation> | <action> | <space> ]*
-
-<operation> ::= r | w | d
-
-<action> ::= a | i | e
-
-<string> ::= <dbl quoted string> | <single quoted string> | <unquoted string>
-
-<dbl quoted string> ::= <space> " <not dquote>* " <space>
-
-<single quoted string> ::= <space> ' <not squote>* ' <space>
-
-<unquoted string> ::= <space> <not space>+ <space>
-
-<space> ::= [ ' ' | '\et' ]*
-
-Character sets:
-
-<not newline> ::= any character except '\en'
-<not dquote> ::= any character except "
-<not squote> ::= any character except '
-<not space> ::= any character except those in <space>
-.fi
-.PP
-The semantics associated with the above syntax are as follows.
-.PP
-<version line>, the first line in the file, specifies the file format
-version. If the server does not recognize the version <string/v>, it
-ignores the rest of the file. The version string for the file format
-described here is "version-1" .
-.PP
-Once past the <version line>, lines that do not match the above syntax
-are ignored.
-.PP
-<comment> lines are ignored.
-.PP
-<sitepolicy> lines are currently ignored. They are intended to
-specify the site policies used by the XC-QUERY-SECURITY-1
-authorization method.
-.PP
-<access rule> lines specify how the server should react to untrusted
-client requests that affect the X Window property named <property/ar>.
-The rest of this section describes the interpretation of an
-<access rule>.
-.PP
-For an <access rule> to apply to a given instance of <property/ar>,
-<property/ar> must be on a window that is in the set of windows
-specified by <window>. If <window> is any, the rule applies to
-<property/ar> on any window. If <window> is root, the rule applies to
-<property/ar> only on root windows.
-.PP
-If <window> is <required property>, the following apply. If <required
-property> is a <property/rp>, the rule applies when the window also
-has that <property/rp>, regardless of its value. If <required
-property> is a <property with value>, <property/rpv> must also have
-the value specified by <string/rv>. In this case, the property must
-have type STRING and format 8, and should contain one or more
-null-terminated strings. If any of the strings match <string/rv>, the
-rule applies.
-.PP
-The definition of string matching is simple case-sensitive string
-comparison with one elaboration: the occurrence of the character '*' in
-<string/rv> is a wildcard meaning "any string." A <string/rv> can
-contain multiple wildcards anywhere in the string. For example, "x*"
-matches strings that begin with x, "*x" matches strings that end with
-x, "*x*" matches strings containing x, and "x*y*" matches strings that
-start with x and subsequently contain y.
-.PP
-There may be multiple <access rule> lines for a given <property/ar>.
-The rules are tested in the order that they appear in the file. The
-first rule that applies is used.
-.PP
-<perms> specify operations that untrusted clients may attempt, and
-the actions that the server should take in response to those operations.
-.PP
-<operation> can be r (read), w (write), or d (delete). The following
-table shows how X Protocol property requests map to these operations
-in the X.Org server implementation.
-.PP
-.nf
-GetProperty r, or r and d if delete = True
-ChangeProperty w
-RotateProperties r and w
-DeleteProperty d
-ListProperties none, untrusted clients can always list all properties
-.fi
-.PP
-<action> can be a (allow), i (ignore), or e (error). Allow means
-execute the request as if it had been issued by a trusted client.
-Ignore means treat the request as a no-op. In the case of
-GetProperty, ignore means return an empty property value if the
-property exists, regardless of its actual value. Error means do not
-execute the request and return a BadAtom error with the atom set to
-the property name. Error is the default action for all properties,
-including those not listed in the security policy file.
-.PP
-An <action> applies to all <operation>s that follow it, until the next
-<action> is encountered. Thus, irwad means ignore read and write,
-allow delete.
-.PP
-GetProperty and RotateProperties may do multiple operations (r and d,
-or r and w). If different actions apply to the operations, the most
-severe action is applied to the whole request; there is no partial
-request execution. The severity ordering is: allow < ignore < error.
-Thus, if the <perms> for a property are ired (ignore read, error
-delete), and an untrusted client attempts GetProperty on that property
-with delete = True, an error is returned, but the property value is
-not. Similarly, if any of the properties in a RotateProperties do not
-allow both read and write, an error is returned without changing any
-property values.
-.PP
-Here is an example security policy file.
-.PP
-.ta 3i 4i
-.nf
-version-1
-
-XCOMM Allow reading of application resources, but not writing.
-property RESOURCE_MANAGER root ar iw
-property SCREEN_RESOURCES root ar iw
-
-XCOMM Ignore attempts to use cut buffers. Giving errors causes apps to crash,
-XCOMM and allowing access may give away too much information.
-property CUT_BUFFER0 root irw
-property CUT_BUFFER1 root irw
-property CUT_BUFFER2 root irw
-property CUT_BUFFER3 root irw
-property CUT_BUFFER4 root irw
-property CUT_BUFFER5 root irw
-property CUT_BUFFER6 root irw
-property CUT_BUFFER7 root irw
-
-XCOMM If you are using Motif, you probably want these.
-property _MOTIF_DEFAULT_BINDINGS root ar iw
-property _MOTIF_DRAG_WINDOW root ar iw
-property _MOTIF_DRAG_TARGETS any ar iw
-property _MOTIF_DRAG_ATOMS any ar iw
-property _MOTIF_DRAG_ATOM_PAIRS any ar iw
-
-XCOMM The next two rules let xwininfo -tree work when untrusted.
-property WM_NAME any ar
-
-XCOMM Allow read of WM_CLASS, but only for windows with WM_NAME.
-XCOMM This might be more restrictive than necessary, but demonstrates
-XCOMM the <required property> facility, and is also an attempt to
-XCOMM say "top level windows only."
-property WM_CLASS WM_NAME ar
-
-XCOMM These next three let xlsclients work untrusted. Think carefully
-XCOMM before including these; giving away the client machine name and command
-XCOMM may be exposing too much.
-property WM_STATE WM_NAME ar
-property WM_CLIENT_MACHINE WM_NAME ar
-property WM_COMMAND WM_NAME ar
-
-XCOMM To let untrusted clients use the standard colormaps created by
-XCOMM xstdcmap, include these lines.
-property RGB_DEFAULT_MAP root ar
-property RGB_BEST_MAP root ar
-property RGB_RED_MAP root ar
-property RGB_GREEN_MAP root ar
-property RGB_BLUE_MAP root ar
-property RGB_GRAY_MAP root ar
-
-XCOMM To let untrusted clients use the color management database created
-XCOMM by xcmsdb, include these lines.
-property XDCCC_LINEAR_RGB_CORRECTION root ar
-property XDCCC_LINEAR_RGB_MATRICES root ar
-property XDCCC_GRAY_SCREENWHITEPOINT root ar
-property XDCCC_GRAY_CORRECTION root ar
-
-XCOMM To let untrusted clients use the overlay visuals that many vendors
-XCOMM support, include this line.
-property SERVER_OVERLAY_VISUALS root ar
-
-XCOMM Dumb examples to show other capabilities.
-
-XCOMM oddball property names and explicit specification of error conditions
-property "property with spaces" 'property with "' aw er ed
-
-XCOMM Allow deletion of Woo-Hoo if window also has property OhBoy with value
-XCOMM ending in "son". Reads and writes will cause an error.
-property Woo-Hoo OhBoy = "*son" ad
-
-.fi
-.SH FILES
-.TP 30
-.I __projectroot__/lib/xserver/SecurityPolicy
-Default X server security policy
-.SH "SEE ALSO"
-.PP
-\fIXserver\fp(__appmansuffix__),
-.I "Security Extension Specification"
diff --git a/doc/Xserver.man.pre b/doc/Xserver.man.pre
index c9ee019c6..c47a3966b 100644
--- a/doc/Xserver.man.pre
+++ b/doc/Xserver.man.pre
@@ -407,15 +407,6 @@ elapse between autorepeat-generated keystrokes).
.TP 8
.B \-xkbmap \fIfilename\fP
loads keyboard description in \fIfilename\fP on server startup.
-.SH SECURITY EXTENSION OPTIONS
-X servers that support the SECURITY extension accept the following option:
-.TP 8
-.B \-sp \fIfilename\fP
-causes the server to attempt to read and interpret filename as a security
-policy file with the format described below. The file is read at server
-startup and reread at each server reset.
-The syntax of the security policy file is described in
-\fISecurityPolicy\fP(__filemansuffix__).
.SH "NETWORK CONNECTIONS"
The X server supports client connections via a platform-dependent subset of
the following transport types: TCP\/IP, Unix Domain sockets, DECnet,
@@ -580,9 +571,6 @@ Error log file for display number \fBn\fP if run from \fIinit\fP(__adminmansuffi
.TP 30
.I __projectroot__/lib/X11/xdm/xdm-errors
Default error log file if the server is run from \fIxdm\fP(1)
-.TP 30
-.I __projectroot__/lib/xserver/SecurityPolicy
-Default X server security policy
.SH "SEE ALSO"
General information: \fIX\fP(__miscmansuffix__)
.PP
@@ -597,7 +585,6 @@ Fonts: \fIbdftopcf\fP(1), \fImkfontdir\fP(1), \fImkfontscale\fP(1),
.PP
Security: \fIXsecurity\fP(__miscmansuffix__), \fIxauth\fP(1), \fIXau\fP(1),
\fIxdm\fP(1), \fIxhost\fP(1), \fIxfwp\fP(1),
-\fISecurityPolicy\fP(__filemansuffix__),
.I "Security Extension Specification"
.PP
Starting the server: \fIxdm\fP(1), \fIxinit\fP(1)