HP Visualize J5000 HP Workstations - Graphics Administration Guide For Red Hat - Page 67

XCQUERY-SECURITY-1, GetProperty, There may be multiple &lt

Get HP Visualize J5000 - Workstation PDF manuals and user guides View all HP Visualize J5000 manuals
Add to My Manuals
Save this manual to your list of manuals

Page 67 highlights

lines are currently ignored. They are intended to specify the site policies used by the XCQUERY-SECURITY-1 authorization method. lines specify how the server should react to untrusted client requests that affect the X Window property named . The rest of this section describes the interpretation of an . For an to apply to a given instance of , must be on a window that is in the set of windows specified by . If is any, the rule applies to on any window. If is root, the rule applies to only on root windows. If is , the following apply. If is a , the rule applies when the window also has that , regardless of its value. If is a , must also have the value specified by . In this case, the property must have type STRING and format 8, and should contain one or more null-terminated strings. If any of the strings match , the rule applies. The definition of string matching is simple case-sensitive string comparison with one elaboration: the occurence of the character '*' in is a wildcard meaning "any string." A can contain multiple wildcards anywhere in the string. For example, "x*" matches strings that begin with x, "*x" matches strings that end with x, "*x*" matches strings containing x, and "x*y*" matches strings that start with x and subsequently contain y. There may be multiple lines for a given . The rules are tested in the order that they appear in the file. The first rule that applies is used. specify operations that untrusted clients may attempt, and the actions that the server should take in response to those operations. can be r (read), w (write), or d (delete). The following table shows how X Protocol property requests map to these operations in The Open Group server implementation. GetProperty ChangeProperty RotateProperties DeleteProperty ListProperties r, or r and d if delete=True w r and w d none, untrusted clients can always list all properti can be "a" (allow), "i" (ignore), or "e" (error). "Allow" means execute the request as if it had been issued by a trusted client. "Ignore" means treat the request as a no-op. In the case of GetProperty, ignore means return an empty property value if the Graphics Administration Guide For Red Hat Linux 6.2

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
  • 73
<
sitepolicy
> lines are currently ignored. They are intended to specify the site policies
used by the
XCQUERY-SECURITY-1
authorization method.
<
access rule
> lines specify how the server should react to untrusted client requests that
affect the X Window property named <
property/ar
>. The rest of this section describes
the interpretation of an <
access rule
>.
For an <
access rule
> to apply to a given instance of <
property/ar
>, <
property/ar
> must
be on a window that is in the set of windows specified by <
window
>. If <
window
> is any,
the rule applies to <
property/ar
> on any window. If <
window
> is root, the rule applies to
<
property/ar
> only on root windows.
If <window> is <required property>, the following apply. If <required property> is a
<property/rp>, the rule applies when the window also has that <property/rp>, regardless
of its value. If <required property> is a <property with value>, <property/rpv> must also
have the value specified by <string/rv>. In this case, the property must have type
STRING and format 8, and should contain one or more null-terminated strings. If any of
the strings match <string/rv>, the rule applies
.
The definition of string matching is simple case-sensitive string comparison with one
elaboration: the occurence of the character '*' in <
string/rv
> is a wildcard meaning "any
string." A <
string/rv
> can contain multiple wildcards anywhere in the string. For
example, "
x*
" matches strings that begin with
x
, "
*x
" matches strings that end with
x
,
"
*x*
" matches strings containing
x
, and "
x*y*
" matches strings that start with
x
and
subsequently contain
y
.
There may be multiple <
access rule
> lines for a given <
property/ar
>. The rules are tested
in the order that they appear in the file. The first rule that applies is used.
<
perms
> specify operations that untrusted clients may attempt, and the actions that the
server should take in response to those operations.
<
operation
> can be
r
(read),
w
(write), or
d
(delete). The following table shows how
X Protocol property requests map to these operations in The Open Group server
implementation.
GetProperty
r, or r and d if delete=True
ChangeProperty
w
RotateProperties
r and w
DeleteProperty
d
ListProperties
none, untrusted clients can always list all
properti
<
action
> can be "
a
" (allow), "
i
" (ignore), or "
e
" (error). "Allow" means execute the
request as if it had been issued by a trusted client. "Ignore" means treat the request as a
no-op. In the case of
GetProperty
, ignore means return an empty property value if the
Graphics Administration Guide For Red Hat Linux 6.2