blob: 38b78312af3809f7f68412a634f2ae457b9977cf (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
|
#
# Config file for XSELinux extension
#
#
# The nonlocal_context rule defines a context to be used for all clients
# connecting to the server from a remote host. The nonlocal context must
# be defined, and it must be a valid context according to the SELinux
# security policy. Only one nonlocal_context rule may be defined.
#
nonlocal_context system_u:object_r:remote_xclient_t:s0
#
# Property rules map a property name to a SELinux type. The type must
# be valid according to the SELinux security policy. There can be any
# number of property rules. Additionally, a default property type can be
# defined for all properties not explicitly listed. The default
# property type may not be omitted. The default rule may appear in
# any position (it need not be the last property rule listed).
#
# Properties set by typical clients: WM, _NET_WM, etc.
property WM_NAME client_xproperty_t
property WM_CLASS client_xproperty_t
property WM_ICON_NAME client_xproperty_t
property WM_HINTS client_xproperty_t
property WM_NORMAL_HINTS client_xproperty_t
property WM_COMMAND client_xproperty_t
property WM_CLIENT_MACHINE client_xproperty_t
property WM_LOCALE_NAME client_xproperty_t
property WM_CLIENT_LEADER client_xproperty_t
property WM_STATE client_xproperty_t
property WM_PROTOCOLS client_xproperty_t
property WM_WINDOW_ROLE client_xproperty_t
property WM_TRANSIENT_FOR client_xproperty_t
property _NET_WM_NAME client_xproperty_t
property _NET_WM_ICON client_xproperty_t
property _NET_WM_ICON_NAME client_xproperty_t
property _NET_WM_PID client_xproperty_t
property _NET_WM_STATE client_xproperty_t
property _NET_WM_DESKTOP client_xproperty_t
property _NET_WM_SYNC_REQUEST_COUNTER client_xproperty_t
property _NET_WM_WINDOW_TYPE client_xproperty_t
property _NET_WM_USER_TIME client_xproperty_t
property _MOTIF_DRAG_RECEIVER_INFO client_xproperty_t
property XdndAware client_xproperty_t
# Properties written by xrdb
property RESOURCE_MANAGER rm_xproperty_t
property SCREEN_RESOURCES rm_xproperty_t
# Properties written by window managers
property _MIT_PRIORITY_COLORS wm_xproperty_t
# Properties used for security labeling
property _SELINUX_CLIENT_CONTEXT seclabel_xproperty_t
# Properties used to communicate screen information
property XFree86_VT info_xproperty_t
property XFree86_DDC_EDID1_RAWDATA info_xproperty_t
# Clipboard and selection properties
property CUT_BUFFER0 clipboard_xproperty_t
property CUT_BUFFER1 clipboard_xproperty_t
property CUT_BUFFER2 clipboard_xproperty_t
property CUT_BUFFER3 clipboard_xproperty_t
property CUT_BUFFER4 clipboard_xproperty_t
property CUT_BUFFER5 clipboard_xproperty_t
property CUT_BUFFER6 clipboard_xproperty_t
property CUT_BUFFER7 clipboard_xproperty_t
property _XT_SELECTION_0 clipboard_xproperty_t
# Default fallback type
property default unknown_xproperty_t
#
# Extension rules map an extension name to a SELinux type. The type must
# be valid according to the SELinux security policy. There can be any
# number of extension rules. Additionally, a default extension type can
# be defined for all extensions not explicitly listed. The default
# extension type may not be omitted. The default rule may appear in
# any position (it need not be the last extension rule listed).
#
# Standard extensions
extension BIG-REQUESTS std_xext_t
extension DOUBLE-BUFFER std_xext_t
extension Extended-Visual-Information std_xext_t
extension MIT-SUNDRY-NONSTANDARD std_xext_t
extension SHAPE std_xext_t
extension SYNC std_xext_t
extension XC-MISC std_xext_t
extension XFIXES std_xext_t
extension XFree86-Misc std_xext_t
extension XpExtension std_xext_t
# Screen management and multihead extensions
extension RANDR output_xext_t
extension XINERAMA std_xext_t
# Input extensions
extension XInputExtension input_xext_t
extension XKEYBOARD input_xext_t
# Screensaver, power management extensions
extension DPMS screensaver_xext_t
extension MIT-SCREEN-SAVER screensaver_xext_t
# Fonting extensions
extension FontCache font_xext_t
extension XFree86-Bigfont font_xext_t
# Shared memory extensions
extension MIT-SHM shmem_xext_t
# Accelerated graphics, OpenGL, direct rendering extensions
extension DAMAGE accelgraphics_xext_t
extension GLX accelgraphics_xext_t
extension NV-CONTROL accelgraphics_xext_t
extension NV-GLX accelgraphics_xext_t
extension NVIDIA-GLX accelgraphics_xext_t
extension RENDER std_xext_t
extension XFree86-DGA accelgraphics_xext_t
# Debugging, testing, and recording extensions
extension RECORD debug_xext_t
extension X-Resource debug_xext_t
extension XTEST debug_xext_t
# Extensions just for window managers
extension TOG-CUP windowmgr_xext_t
# Security-related extensions
extension SECURITY security_xext_t
extension SELinux security_xext_t
extension XAccessControlExtension security_xext_t
extension XC-APPGROUP security_xext_t
# Video extensions
extension XFree86-VidModeExtension video_xext_t
extension XVideo video_xext_t
extension XVideo-MotionCompensation video_xext_t
# Default fallback type
extension default unknown_xext_t
|
