DocsThe first thing you, the security extension writer, should decide on is the state information that your extension will be storing and how it will be stored. XACE itself does not provide any mechanism for storing state.
One method of storing state is global variables in the extension code. Tables can be kept corresponding to internal server structures, updated to stay synchronized with the structures themselves. One problem with this method is that the X server does not have consistent methods for lifecycle management of its objects, meaning that it might be difficult to keep state up to date with objects.
Another method of storing state is to attach your extension's security data directly to the server structures. This method is possible via the devPrivates mechanism provide by the DIX layer. Structures supporting this mechanism can be identified by the presence of a "devPrivates" field. Full documentation of the devPrivates mechanism is described in the core X server documentation.
XACE has two header files that security extension code may need to include. Include Xext/xacestr.h if you need the structure definitions for the XACE hooks in your source file. Otherwise, include Xext/xace.h, which contains everything else including constants and function declarations.
XACE hooks use the standard X server callback mechanism. Your security extension's callback functions should all use the following prototype:
void MyCallback( CallbackListPtr *pcbl pointer userdata pointer calldata );void MyCallback( CallbackListPtr *pcbl pointer userdata pointer calldata );
When the callback is called, pcbl points to the callback list itself. The X callback mechanism allows the list to be manipulated in various ways, but XACE callbacks should not do this. Remember that other security extensions may be registered on the same hook. userdata is set to the data argument that was passed to XaceRegisterCallback at registration time; this can be used by your extension to pass data into the callback. calldata points to a value or structure which is specific to each XACE hook. These are discussed in the documentation for each specific hook, below. Your extension must cast this argument to the appropriate pointer type.
To register a callback on a given hook, use XaceRegisterCallback:
Bool XaceRegisterCallback( int hook CallbackProcPtr callback pointer userdata );Bool XaceRegisterCallback( int hook CallbackProcPtr callback pointer userdata );
Where hook is the XACE hook you wish to register on, callback is the callback function you wish to register, and userdata will be passed through to the callback as its second argument, as described above. See Table 1, “XACE security hooks.” for the list of XACE hook codes. XaceRegisterCallback is typically called from the extension initialization code; see the SECURITY source for examples. The return value is TRUE for success, FALSE otherwise.
To unregister a callback, use XaceDeleteCallback:
Bool XaceDeleteCallback( int hook CallbackProcPtr callback pointer userdata );Bool XaceDeleteCallback( int hook CallbackProcPtr callback pointer userdata );
where the three arguments are identical to those used in the call to XaceRegisterCallback. The return value is TRUE for success, FALSE otherwise.
The currently defined set of XACE hooks is shown in Table 1, “XACE security hooks.”. As discussed in the section called “Security Hooks”, the set of hooks is likely to change in the future as XACE is adopted and further security analysis of the X server is performed.
Table 1. XACE security hooks.
| Hook Identifier | Callback Argument Type | Refer to |
|---|---|---|
XACE_CORE_DISPATCH | XaceCoreDispatchRec | the section called “Core Dispatch” |
XACE_EXT_DISPATCH | XaceExtAccessRec | the section called “Extension Dispatch” |
XACE_RESOURCE_ACCESS | XaceResourceAccessRec | the section called “Resource Access” |
XACE_DEVICE_ACCESS | XaceDeviceAccessRec | the section called “Device Access” |
XACE_PROPERTY_ACCESS | XacePropertyAccessRec | the section called “Property Access” |
XACE_SEND_ACCESS | XaceSendAccessRec | the section called “Send Access” |
XACE_RECEIVE_ACCESS | XaceReceiveAccessRec | the section called “Receive Access” |
XACE_CLIENT_ACCESS | XaceClientAccessRec | the section called “Client Access” |
XACE_EXT_ACCESS | XaceExtAccessRec | the section called “Extension Access” |
XACE_SERVER_ACCESS | XaceServerAccessRec | the section called “Server Access” |
XACE_SELECTION_ACCESS | XaceSelectionAccessRec | the section called “Selection Access” |
XACE_SCREEN_ACCESS | XaceScreenAccessRec | the section called “Screen Access” |
XACE_SCREENSAVER_ACCESS | XaceScreenAccessRec | the section called “Screen Saver Access” |
XACE_AUTH_AVAIL | XaceAuthAvailRec | the section called “Authorization Availability Hook” |
XACE_KEY_AVAIL | XaceKeyAvailRec | the section called “Keypress Availability Hook” |
XACE_AUDIT_BEGIN | XaceAuditRec | the section called “Auditing Hooks” |
XACE_AUDIT_END | XaceAuditRec | the section called “Auditing Hooks” |
In the descriptions that follow, it is helpful to have a listing of Xext/xacestr.h available for reference.
This hook allows security extensions to examine all incoming core protocol requests before they are dispatched. The hook argument is a pointer to a structure of type XaceCoreDispatchRec. This structure contains a
client field of type ClientPtr
and a status field of type int.
The client field refers to the client making the incoming request. Note that the complete request is accessible via the requestBuffer member of the client structure. The REQUEST family of macros, located in include/dix.h, are useful in verifying and reading from this member.
The status field may be set to a nonzero X protocol error code. In this event, the request will not be processed further and the error code will be returned to the client.
This hook allows security extensions to examine all incoming extension protocol requests before they are dispatched. The hook argument is a pointer to a structure of type XaceExtAccessRec. This structure contains a
client field of type ClientPtr,
a ext field of type ExtensionEntry*,
a access_mode field of type Mask,
and a status field of type int.
The client field refers to the client making the incoming request. Note that the complete request is accessible via the requestBuffer member of the client structure. The REQUEST family of macros, located in include/dix.h, are useful in verifying and reading from this member.
The ext field refers to the extension being accessed. This is required information since extensions are not associated with any particular major number.
The access_mode field is set to DixUseAccess when this hook is exercised.
The status field may be set to a nonzero X protocol error code. In this event, the request will not be processed further and the error code will be returned to the client.
This hook allows security extensions to monitor all resource lookups. The hook argument is a pointer to a structure of type XaceResourceAccessRec. This structure contains a
client field of type ClientPtr,
a id field of type XID,
a rtype field of type RESTYPE,
a res field of type pointer,
a ptype field of type RESTYPE,
a parent field of type pointer,
a access_mode field of type Mask,
and a status field of type int.
The client field refers to the client on whose behalf the lookup is being performed. Note that this may be serverClient for server lookups.
The id field is the resource ID being looked up.
The rtype field is the type of the resource being looked up.
The res field is the resource itself: the result of the lookup.
The ptype field is the type of the parent resource or RT_NONE if not set.
The parent field is the parent resource itself or NULL if not set. The parent resource is set only when two conditions are met: The resource in question is being created at the time of the call (in which case the access_mode will include DixCreateAccess) and the resource in question has a defined parent object. Table 3, “Resource access hook parent objects.” lists the resources that support parent objects. The purpose of these two fields is to provide generic support for "parent" resources.
The access_mode field encodes the type of action being performed. The valid mode bits are defined in include/dixaccess.h. The meaning of the bits depends on the specific resource type. Tables for some common types can be found in Table 2, “Resource access hook access modes.”. Note that the DixCreateAccess access mode has special meaning: it signifies that the resource object is in the process of being created. This provides an opportunity for the security extension to initialize its security label information in the structure devPrivates or otherwise. If the status field is set to an error code in this case, the resource creation will fail and no entry will be made under the specified resource ID.
The status field may be set to a nonzero X protocol error code. In this event, the resource lookup will fail and an error (usually, but not always, the status value) will be returned to the client.
Table 2. Resource access hook access modes.
| Access Mode Bit | Meaning | Example Call Site |
|---|---|---|
DixReadAccess | The primary data or contents of the object are being read (drawables, cursors, colormaps). | GetImage, GetCursorImage, CreatePicture, QueryColors |
DixWriteAccess | The primary data or contents of the object are being written (drawables, cursors, colormaps). | PutImage, RenderTriFan, ClearArea, StoreColors, RecolorCursor |
DixDestroyAccess | The object is being removed. | CloseFont, DestroyWindow, FreePixmap, FreeCursor, RenderFreePicture |
DixCreateAccess | The object is being created. | CreateWindow, CreatePixmap, CreateGC, CreateColormap |
DixGetAttrAccess | The object's attributes are being queried, or the object is being referenced. | GetWindowAttributes, GetGeometry, QueryFont, CopyGC, QueryBestSize |
DixSetAttrAccess | The object's attributes are being changed. | SetWindowAttributes, ChangeGC, SetClipRectangles, XFixesSetCursorName |
DixListPropAccess | User properties set on the object are being listed (windows). | ListProperties |
DixGetPropAccess | A user property set on the object is being read (windows). | GetProperty, RotateProperties |
DixSetPropAccess | A user property set on the object is being written (windows). | ChangeProperty, RotateProperties, DeleteProperty |
DixListAccess | Child objects of the object are being listed out (windows). | QueryTree, MapSubwindows, UnmapSubwindows |
DixAddAccess | A child object is being added to the object (drawables, fonts, colormaps). | CreateWindow, ReparentWindow, AllocColor, RenderCreatePicture, RenderAddGlyphs |
DixRemoveAccess | A child object is being removed from object (drawables, fonts, colormaps). | DestroyWindow, ReparentWindow, FreeColors, RenderFreeGlyphs |
DixHideAccess | Object is being unmapped or hidden from view (drawables, cursor). | UnmapWindow, XFixesHideCursor |
DixShowAccess | Object is being mapped or shown (drawables, cursor). | MapWindow, XFixesShowCursor |
DixBlendAccess | Drawable contents are being mixed in a way that may compromise contents. | Background "None", CompositeRedirectWindow, CompositeRedirectSubwindows |
DixGrabAccess | Override-redirect bit on a window has been set. | CreateWindow, ChangeWindowAttributes |
DixInstallAccess | Colormap is being installed. | InstallColormap |
DixUninstallAccess | Colormap is being uninstalled. | UninstallColormap |
DixSendAccess | An event is being sent to a window. | SendEvent |
DixReceiveAccess | A client is setting an event mask on a window. | ChangeWindowAttributes, XiSelectExtensionEvent |
DixUseAccess | The object is being used without modifying it (fonts, cursors, gc). | CreateWindow, FillPoly, GrabButton, ChangeGC |
DixManageAccess | Window-manager type actions on a drawable. | CirculateWindow, ChangeSaveSet, ReparentWindow |
Table 3. Resource access hook parent objects.
| Resource Type | Parent Resource Type | Notes |
|---|---|---|
RT_WINDOW | RT_WINDOW | Contains the parent window. This will be NULL for root windows. |
RT_PIXMAP | RT_WINDOW | COMPOSITE extension only: the source window is passed as the parent for redirect pixmaps. |
RenderPictureType | RC_DRAWABLE | The source drawable is passed as the parent for Render picture objects. |
This hook allows security extensions to restrict client actions on input devices. The hook argument is a pointer to a structure of type XaceDeviceAccessRec. This structure contains a
client field of type ClientPtr,
a dev field of type DeviceIntPtr,
a access_mode field of type Mask,
and a status field of type int.
The client field refers to the client attempting to access the device (keyboard). Note that this may be serverClient.
The dev field refers to the input device being accessed.
The access_mode field encodes the type of action being performed. The valid mode bits are described in the table below.
The status field may be set to a nonzero X protocol error code. In this event, the device operation will fail and an error (usually, but not always, the status value) will be returned to the client.
Table 4. Device access hook access modes.
| Access Mode Bit | Meaning | Example Call Site |
|---|---|---|
DixGetAttrAccess | Attributes of the device are being queried. | GetKeyboardMapping, XiGetKeyboardControl, XkbGetDeviceInfo |
DixReadAccess | The state of the device is being polled. | QueryPointer, QueryKeymap, XkbGetState |
DixWriteAccess | The state of the device is being programatically manipulated. | WarpPointer, XTestFakeInput, XiSendExtensionEvent |
DixSetAttrAccess | Per-client device configuration is being performed. | XkbPerClientFlags |
DixManageAccess | Global device configuration is being performed. | ChangeKeyboardMapping, XiChangeDeviceControl, XkbSetControls |
DixUseAccess | The device is being opened or referenced. | XiOpenDevice, XkbSelectEvents |
DixGrabAccess | The device is being grabbed. | GrabPointer, GrabButton, GrabKey |
DixFreezeAccess | The state of the device is being frozen by a synchronous grab. | GrabKeyboard, GrabPointer |
DixForceAccess | The device cursor is being overriden by a grab. | GrabPointer, GrabButton |
DixGetFocusAccess | The device focus is being retrieved. | GetInputFocus, XiGetDeviceFocus |
DixSetFocusAccess | The device focus is being set. | SetInputFocus, XiSetDeviceFocus |
DixBellAccess | The device bell is being rung. | Bell, XiDeviceBell |
DixCreateAccess | The device object has been newly allocated. | XIChangeDeviceHierarchy, XIAddMaster |
DixDestroyAccess | The device is being removed. | XIChangeDeviceHierarchy, XIRemoveMaster |
DixAddAccess | A slave device is being attached to the device. | XIChangeDeviceHierarchy, XIChangeAttachment |
DixRemoveAccess | A slave device is being unattached from the device. | XIChangeDeviceHierarchy, XIChangeAttachment |
DixListPropAccess | Properties set on the device are being listed. | ListDeviceProperties, XIListProperties |
DixGetPropAccess | A property set on the device is being read. | GetDeviceProperty, XIGetProperty |
DixSetPropAccess | A property set on the device is being written. | SetDeviceProperty, XISetProperty |
This hook allows security extensions to monitor all property accesses and additionally to support polyinstantiation if desired. The hook argument is a pointer to a structure of type XacePropertyAccessRec. This structure contains a
client field of type ClientPtr,
a pWin field of type WindowPtr,
a ppProp field of type PropertyPtr*,
a access_mode field of type Mask,
and a status field of type int.
The client field refers to the client which is accessing the property. Note that this may be serverClient for server lookups.
The pWin field is the window on which the property is being accessed.
The ppProp field is a double-indirect pointer to the PropertyRec structure being accessed. The extra level of indirection supports property polyinstantiation; see below. If your extension does not use the polyinstantiation feature, simply dereference the pointer to obtain a PropertyPtr for the property
The access_mode field encodes the type of action being performed. The valid mode bits are described in the table below.
The status field may be set to a nonzero X protocol error code. In this event, the property request will not be processed further and the error code will be returned to the client. However, the BadMatch code has special meaning; see below.
Table 5. Property access hook mode bits.
| Access Mode Bit | Meaning | Example Call Site |
|---|---|---|
DixCreateAccess | The property object has been newly allocated (this bit will always occur in conjunction with DixWriteAccess). | ChangeProperty |
DixWriteAccess | The property data is being completely overwritten with new data. | ChangeProperty, RotateProperties |
DixBlendAccess | The property data is being appended or prepended to. | ChangeProperty |
DixReadAccess | The property data is being read. | GetProperty |
DixDestroyAccess | The property data is being deleted. | DeleteProperty |
DixGetAttrAccess | Existence of the property is being disclosed. | ListProperties |
DixPostAccess | Post-write call reflecting new contents (this bit will always occur in conjunction with DixWriteAccess). | ChangeProperty |
New in XACE Version 2.0, this hook supports the polyinstantiation of properties. This means that more than one property may exist having the same name, and the security extension can control which property object is seen by which client. To perform property polyinstantiation, your security extension should take the following steps:
When a property is being created (
DixCreateAccess), the security extension should label it appropriately based on the client that is creating it. In this case, theppPropfield should not be modified.When a property is being looked up, the
ppPropfield will refer to the first structure in the linked list with the given name. The security extension may change the ppProp field to a different property structure by traversing the linked list (using the PropertyRecnextfield) to find an alternate structure with the same property name.Alternately, when a property is being looked up, the
statusmay be set toBadMatchwhich will cause the DIX layer to treat the property as not existing. This may result in an additional property object with the same name being created (in which case the hook will be called again with the create access mode).
New in XACE Version 2.2, this hook allows security extensions to verify the contents of properties after the client has written them. On a property change, the property access hook will be called twice. The first call is unchanged from previous versions. The second call will have the DixPostAccess bit together with DixWriteAccess and the ppProp property pointer will contain the new data. Setting the status field to something other than Success will cause the previous property contents to be restored and the client to receive the status code as an error.
Note that in the case of property creation (when DixCreateAccess is set), the ppProp field already reflects the new data. Hence security extensions wishing to validate property data should check for either DixPostAccess or DixCreateAccess in conjunction with DixWriteAccess. If your extension does not need this feature, simply ignore calls with the DixPostAccess bit set.
This hook allows security extensions to prevent devices and clients from posting X events to a given window. The hook argument is a pointer to a structure of type XaceSendAccessRec. This structure contains
a client field of type ClientPtr,
a dev field of type DeviceIntPtr,
a pWin field of type WindowPtr,
a events field of type events,
a count field of type int,
and a status field of type int.
The client field refers to the client attempting a SendEvent request or other synthetic event generation to the given window. This field may be NULL if the dev field is set.
The dev field refers to the device attempting to post an event which would be delivered to the given window. This field may be NULL if the client field is set.
The pWin field refers to the target window.
The events field refers to the events that are being sent.
The count field contains the number of events in the events array.
The status field may be set to a nonzero X protocol error code. In this event, the events will be dropped on the floor instead of being delivered.
Warning
This hook does not currently cover all instances of event delivery.
This hook allows security extensions to prevent a client from receiving X events that have been delivered to a given window. The hook argument is a pointer to a structure of type XaceReceiveAccessRec. This structure contains
a client field of type ClientPtr,
a pWin field of type WindowPtr,
a events field of type events,
a count field of type int,
and a status field of type int.
The client field refers to the client to which the event would be delivered.
The pWin field refers to the window where the event has been sent.
The events field refers to the events that are being sent.
The count field contains the number of events in the events array.
The status field may be set to a nonzero X protocol error code. In this event, the events will not be delivered to the client.
Warning
This hook does not currently cover all instances of event delivery.
This hook allows security extensions to prevent clients from manipulating other clients directly. This hook applies to a small set of protocol requests such as KillClient. The hook argument is a pointer to a structure of type XaceClientAccessRec. This structure contains
a client field of type ClientPtr,
a target field of type ClientPtr,
a access_mode field of type Mask,
and a status field of type int.
The client field refers to the client making the request.
The target field refers to the client being manipulated.
The access_mode field encodes the type of action being performed. The valid mode bits are described in the table below.
The status field may be set to a nonzero X protocol error code. In this event, the request will fail and an error (usually, but not always, the status value) will be returned to the client.
Table 6. Client access hook mode bits.
| Access Mode Bit | Meaning | Example Call Site |
|---|---|---|
DixGetAttrAccess | Attributes of the client are being queried. | SyncGetPriority |
DixSetAttrAccess | Attributes of the client are being set. | SyncSetPriority |
DixManageAccess | The client's close-down-mode (which affects global server resource management) is being set. | SetCloseDownMode |
DixDestroyAccess | The client is being killed. | KillClient |
This hook allows security extensions to approve or deny requests involving which extensions are supported by the server. This allows control over which extensions are visible. The hook argument is a pointer to a structure of type XaceExtAccessRec. This structure contains a
client field of type ClientPtr,
a ext field of type ExtensionEntry*,
a access_mode field of type Mask,
and a status field of type int.
The client field refers to the client making the incoming request, which is typically QueryExtension or ListExtensions.
The ext field refers to the extension being accessed. This is required information since extensions are not associated with any particular major number.
The access_mode field is set to DixGetAttrAccess when this hook is exercised.
The status field may be set to a nonzero X protocol error code. In this event, the extension will be reported as not supported (QueryExtensions) or omitted from the returned list (ListExtensions).
Warning
If this hook is used, an extension dispatch hook should also be installed to make sure that clients cannot circumvent the check by guessing the major opcodes of extensions.
This hook allows security extensions to approve or deny requests that affect the X server itself. The hook argument is a pointer to a structure of type XaceServerAccessRec, which contains
a client field of type ClientPtr,
a access_mode field of type Mask,
and a status field of type int.
The client field refers to the client making the request.
The access_mode field encodes the type of action being performed. The valid mode bits are described in the table below.
The status field may be set to a nonzero X protocol error code. In this event, the request will fail and an error (usually, but not always, the status value) will be returned to the client.
Table 7. Server access hook mode bits.
| Access Mode Bit | Meaning | Example Call Site |
|---|---|---|
DixGetAttrAccess | Attributes of the server are being queried. | GetFontPath |
DixSetAttrAccess | Attributes of the server are being set. | SetFontPath |
DixManageAccess | Server management is being performed. | ChangeAccessControl, ListHosts |
DixGrabAccess | A server grab is being performed. | GrabServer |
DixReadAccess | The server's actions are being recorded. | Record, XEVIE extensions |
DixDebugAccess | Server debug facilities are being used. | XTest extension, XkbSetDebuggingFlags |
This hook allows security extensions to monitor all selection accesses and additionally to support polyinstantiation if desired. The hook argument is a pointer to a structure of type XaceSelectionAccessRec. This structure contains a
client field of type ClientPtr,
a ppSel field of type Selection**,
a access_mode field of type Mask,
and a status field of type int.
The client field refers to the client which is accessing the property. Note that this may be serverClient for server lookups.
The ppSel field is a double-indirect pointer to the Selection structure being accessed. The extra level of indirection supports selection polyinstantiation; see below. If your extension does not use the polyinstantiation feature, simply dereference the pointer to obtain a SelectionRec * for the selection.
The access_mode field encodes the type of action being performed. The valid mode bits are described in the table below.
The status field may be set to a nonzero X protocol error code. In this event, the property request will not be processed further and the error code will be returned to the client. However, the BadMatch code has special meaning; see below.
Table 8. Selection access hook mode bits.
| Access Mode Bit | Meaning | Example Call Site |
|---|---|---|
DixCreateAccess | The selection object has been newly allocated (this bit will always occur in conjunction with DixSetAttrAccess). | SetSelectionOwner |
DixSetAttrAccess | The selection owner is being set. | SetSelectionOwner |
DixGetAttrAccess | The selection owner is being queried. | GetSelectionOwner |
DixReadAccess | A convert operation is being requested on the selection. | ConvertSelection |
This hook supports the polyinstantiation of selections. This means that more than one selection may exist having the same name, and the security extension can control which selection object is seen by which client. To perform selection polyinstantiation, your security extension should take the following steps:
When selection ownership is being established (
DixSetAttrAccess), the security extension should label it appropriately based on the client that is taking ownership. In this case, theppSelfield should not be modified.When a selection is being looked up, the
ppPropfield will refer to the first structure in the linked list with the given name. The security extension may change the ppSel field to a different selection structure by traversing the linked list (using the Selectionnextfield) to find an alternate structure with the same selection name.Alternately, when a selection is being looked up, the
statusmay be set toBadMatchwhich will cause the DIX layer to treat the selection as not existing. This may result in an additional selection object with the same name being created (in which case the hook will be called again with the create access mode).
This hook allows security extensions to approve or deny requests that manipulate screen objects The hook argument is a pointer to a structure of type XaceScreenAccessRec. This structure contains a
client field of type ClientPtr,
a screen field of type ScreenPtr,
a access_mode field of type Mask,
and a status field of type int.
The client field refers to the client making the request.
The screen field refers to the screen object being referenced.
The access_mode field encodes the type of action being performed. The valid mode bits are described in the table below.
The status field may be set to a nonzero X protocol error code. In this event, the request will not be processed further and the error code will be returned to the client.
Table 9. Screen access hook mode bits.
| Access Mode Bit | Meaning | Example Call Site |
|---|---|---|
DixGetAttrAccess | Attributes of the screen object are being queried. | ListInstalledColormaps, QueryBestSize |
DixSetAttrAccess | Attributes of the screen object are being set. | InstallColormap |
DixHideAccess | The cursor on the screen is being globally hidden. | XFixesHideCursor |
DixShowAccess | The cursor on the screen is being globally unhidden. | XFixesShowCursor |
This hook allows security extensions to approve or deny requests that manipulate the screensaver. The hook argument is a pointer to a structure of type XaceScreenAccessRec. This structure contains a
client field of type ClientPtr,
a screen field of type ScreenPtr,
a access_mode field of type Mask,
and a status field of type int.
The client field refers to the client making the request.
The screen field refers to the screen object being referenced.
The access_mode field encodes the type of action being performed. The valid mode bits are described in the table below.
The status field may be set to a nonzero X protocol error code. In this event, the request will not be processed further and the error code will be returned to the client.
Table 10. Screen saver access hook mode bits.
| Access Mode Bit | Meaning | Example Call Site |
|---|---|---|
DixGetAttrAccess | Attributes of the screen saver are being queried. | GetScreenSaver, ScreenSaverQueryInfo |
DixSetAttrAccess | Attributes of the screen saver are being set. | SetScreenSaver, ScreenSaverSelectInput |
DixHideAccess | The screen saver is being programmatically activated. | ForceScreenSaver, DPMSEnable |
DixShowAccess | The screen saver is being programmatically deactivated. | ForceScreenSaver, DPMSDisable |
This hook allows security extensions to examine the authorization associated with a newly connected client. This can be used to set up client security state depending on the authorization method that was used. The hook argument is a pointer to a structure of type XaceAuthAvailRec. This structure contains a
client field of type ClientPtr,
and a authId field of type XID.
The client field refers to the newly connected client.
The authId field is the resource ID of the client's authorization.
This hook has no return value.
Note
This hook is called after the client enters the initial state and before the client enters the running state. Keep this in mind if your security extension uses the ClientStateCallback list to keep track of clients.
This hook is a legacy of the APPGROUP Extension. In the future, this hook may be phased out in favor of a new client state, ClientStateAuthenticated.
This hook allows security extensions to examine keypresses outside of the normal event mechanism. This could be used to implement server-side hotkey support. The hook argument is a pointer to a structure of type XaceKeyAvailRec. This structure contains a
event field of type xEventPtr,
a keybd field of type DeviceIntPtr,
and a count field of type int.
The event field refers to the keyboard event, typically a KeyPress or KeyRelease.
The keybd field refers to the input device that generated the event.
The count field is the number of repetitions of the event (not 100\% sure of this at present, however).
This hook has no return value.
Two hooks provide basic auditing support. The begin hook is called immediately before an incoming client request is dispatched and before the dispatch hook is called (refer to the section called “Core Dispatch”). The end hook is called immedately after the processing of the request has finished. The hook argument is a pointer to a structure of type XaceKeyAvailRec. This structure contains a
client field of type ClientPtr,
and a requestResult field of type int.
The client field refers to client making the request.
The requestResult field contains the result of the request, either Success or one of the protocol error codes. Note that this field is significant only in the end hook.
These hooks have no return value.