HP Workstation zx2000 HP Graphics Administration Guide for HP-UX 11.X (IPF ver - Page 38

configuring an X Server on HP-UX Syntax Security Section Syntax (Continued) Description Can be r (read), w (write), or d (delete). The following table shows how X Protocol property requests map to these operations in The Open Group server implementation. GetProperty ChangeProperties RotateProperties DeleteProperty r, or r and d if delete = True w r and w d ListProperties none, untrusted clients can always list all properties Can be a (allow), i (ignore), or e (error). Allow means execute the request as if it had been issued by a trusted client. Ignore means treat the request as a no-op. In the case of GetProperty, ignore means return an empty property value if the property exists, regardless of its actual value. Error means do not execute the request and return a BadAtom error with the atom set to the property name. Error is the default action for all properties, including those not listed in the security policy file. An applies to all s that follow it, until the next is encountered. Thus, irwad means ignore read and write, allow delete. GetProperty and RotateProperties may do multiple operations (r and d, or r and w). If different actions apply to the operations, the most severe action is applied to the whole request; there is no partial request execution. The severity ordering is: allow < ignore < error. Thus, if the for a property are ired (ignore read, error delete), and an untrusted client attempts GetProperty on that property with delete = True, an error is returned, but the property value is not. Similarly, if any of the properties in a RotateProperties do not allow both read and write, an error is returned without changing any property values. 4-26 Graphics Administration Guide