Disabling XACE Extension (and other code build) by default

[Tiago Vignatti]

Hi Eamon and all,

Last I remember, we want all possible build options set as on by default just
to be sure the code they enable still being able to build after general
changes. Is that correct?

---

Apart from that, is there a reason to have XACE enabled by default without any
hook backend? This is how the server is being compiled now by default.

It's very likely that I'm going to disable this in MeeGo because we are not
caring about security in X level (!). Each request sent to the server kicks
the scheduler which access the function table surrounded by XaceHookDispatch()
and XaceHookAuditEnd() functions. Each request procedure has also a call to
XaceHook(). XChangeProperty() is very often called by applications also to
alters window's property, which in turn kicks XaceHookPropertyAccess(). All of
those hooks are not expensive because they don't have a backend, but they are
called a lot and useless for me. See:

with XACE:
    x11perf --noop: ~7820000

without XACE:
    x11perf --noop: ~10300000


Of course these numbers can be lying a bit because one normal single operation
usually takes much more time in CPU. But even so seems worth to disable.


Cheers,
             Tiago