Privileged Operations and the Trusted X Window System

Library routines that access a window, property, or atom name without user involvement require MAC and DAC. Library routines that access frame buffer graphic contexts, fonts, and cursors require discretionary access and might also require additional privileges for special tasks.

The client might need one or more of the following privileges in its effective set if access to the object is denied: win_dac_read, win_dac_write, win_mac_read, or win_mac_write. See the TrustedExtensionsPolicy file to enable or disable these privileges.

This list shows the privileges needed to perform the following tasks:

• Configuring and destroying window resources – A client process needs the win_config privilege in its effective set to configure or destroy windows or properties that are permanently retained by the X Window Server. The screen saver timeout is an example of such a resource.

• Using window input devices – A client process needs the win_devices privilege in its effective set to obtain and set keyboard and pointer controls, or to modify pointer button mappings and key mappings.

• Using direct graphics access – A client process needs the win_dga privilege in its effective set to use the direct graphics access (DGA) X protocol extension.

• Downgrading window labels – A client process needs the win_downgrade_sl privilege in its effective set to change the sensitivity label of a window, pixmap, or property to a new label that does not dominate the existing label.

• Upgrading window labels – A client process needs the win_upgrade_sl privilege in its effective set to change the sensitivity label of a window, pixmap, or property to a new label that dominates the existing label.

• Setting a font path on a window – A client process needs the win_fontpath privilege in its effective set to modify the font path.