[PATCH 1/1] dix: Check whether grab allowed by security provider

Richard Haines richard_c_haines at btinternet.com
Thu Jul 5 09:46:19 PDT 2012


This patch was created using xorg-server-1.12.2 source.

Call XACE to verify if grab access is allowed.

Signed-off-by: Richard Haines <richard_c_haines at btinternet.com>
---
 dix/events.c |    6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/dix/events.c b/dix/events.c
index 86336fe..0ce2140 100644
--- a/dix/events.c
+++ b/dix/events.c
@@ -3807,7 +3807,11 @@ CheckPassiveGrab(DeviceIntPtr device, GrabPtr grab, InternalEvent *event,
             return FALSE;
     }
 
-    return TRUE;
+    /* Finally check whether grab allowed by security provider */
+    if (XaceHook(XACE_DEVICE_ACCESS, rClient(grab), device, DixGrabAccess) == 0)
+        return TRUE;
+    else
+        return FALSE;
 }
 
 /**
-- 
1.7.10.4



More information about the xorg-devel mailing list