An <action> applies to all <operations> that follow it, until the next <action> is encountered. Thus "irwad" means "ignore read and write, allow delete."

GetProperty and RotateProperties may perform more than one operation on a property (read and delete, or read and write). If different actions apply to those operations, the most severe action is applied to the whole request; a request is never executed partially. The severity ordering is:

allow < ignore < error

Thus, if the <perms> for a property are "ired" (ignore read, error delete) and an untrusted client issues GetProperty on that property with delete=True, an error is returned and the property value is not returned. Similarly, if any property named in a RotateProperties request does not allow both read and write, the whole request is refused and no property values are changed.
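The rules above, and the policy file that follows, as an added example that is not from the HP-UX guide or from the X server: a small Python evaluator for property rules. It expands a <perms> string into per-operation actions, parses the property lines of a version-1 policy, and applies the most-severe-action rule to GetProperty (with and without delete=True) and RotateProperties. Everything the page does not state is an assumption of this example: that the first matching rule wins, how the window field is matched (root and any as named, any other value as a <required property> the target window must carry), the constructed policy excerpt, the WM_CLASS rule written from the page's last comment, and the hypothetical EXAMPLE_PROP rule carrying the "ired" permissions. The guide gives no server default for an operation that no rule or no action covers, so the evaluator raises rather than guess.

```python
from dataclasses import dataclass, field
from typing import Dict, List, Optional, Set

# Letters of the <perms> field, and the severity ordering from the text.
ACTIONS = {"a": "allow", "i": "ignore", "e": "error"}
OPERATIONS = {"r": "read", "w": "write", "d": "delete"}
SEVERITY = {"allow": 0, "ignore": 1, "error": 2}   # allow < ignore < error

# Operations a request performs on each property it names.
REQUEST_OPS = {"ChangeProperty": {"write"}, "DeleteProperty": {"delete"},
               "GetProperty": {"read"},              # plus "delete" when delete=True
               "RotateProperties": {"read", "write"}}


def parse_perms(perms: str) -> Dict[str, str]:
    """Expand "irwad", "ar iw", "ired", ... into {operation: action}: an action
    letter applies to every operation letter after it until the next action."""
    actions: Dict[str, str] = {}
    current: Optional[str] = None
    for ch in "".join(perms.split()):        # whitespace between groups is cosmetic
        if ch in ACTIONS:
            current = ACTIONS[ch]
        elif ch in OPERATIONS:
            if current is None:
                raise ValueError(f"{perms!r}: operation {ch!r} before any action")
            actions[OPERATIONS[ch]] = current
        else:
            raise ValueError(f"{perms!r}: unexpected character {ch!r}")
    return actions


@dataclass
class Rule:
    prop: str
    window: str                  # "root", "any", or a <required property> name
    actions: Dict[str, str]


@dataclass
class Window:
    is_root: bool = False
    properties: Set[str] = field(default_factory=set)   # properties present on it


def parse_policy(text: str) -> List[Rule]:
    """Parse the 'property <prop> <window> <perms>' lines of a version-1 file."""
    lines = [s for s in (ln.split("#", 1)[0].strip() for ln in text.splitlines()) if s]
    if not lines or lines[0] != "version-1":
        raise ValueError("policy file must start with 'version-1'")
    rules = []
    for ln in lines[1:]:
        fields = ln.split(None, 3)
        if len(fields) != 4 or fields[0] != "property":
            raise ValueError(f"cannot parse rule: {ln!r}")
        rules.append(Rule(fields[1], fields[2], parse_perms(fields[3])))
    return rules


def find_rule(rules: List[Rule], prop: str, window: Window) -> Optional[Rule]:
    """First rule matching property and window (assumption: first match wins)."""
    for r in rules:
        if r.prop != prop:
            continue
        if r.window == "any":
            return r
        if r.window == "root":
            if window.is_root:
                return r
        elif r.window in window.properties:      # <required property> field
            return r
    return None


def evaluate(rules: List[Rule], request: str, props: List[str],
             window: Window, delete: bool = False) -> str:
    """Most severe action over every operation on every named property; it is
    applied to the whole request, since there is no partial execution."""
    ops = set(REQUEST_OPS[request])
    if request == "GetProperty" and delete:
        ops.add("delete")
    worst = "allow"
    for prop in props:
        rule = find_rule(rules, prop, window)
        if rule is None:
            raise LookupError(f"no rule covers {prop}")   # page gives no default; none assumed
        for op in ops:
            if op not in rule.actions:
                raise LookupError(f"rule for {prop} names no action for {op}")
            if SEVERITY[rule.actions[op]] > SEVERITY[worst]:
                worst = rule.actions[op]
    return worst


# Constructed policy: an excerpt of the page's example, the WM_CLASS rule its last
# comment describes, and a hypothetical EXAMPLE_PROP with the "ired" permissions.
POLICY = """\
version-1
property RESOURCE_MANAGER root ar iw
property CUT_BUFFER0 root irw
property WM_NAME any ar
property WM_CLASS WM_NAME ar
property EXAMPLE_PROP root ired
"""
```

With rules = parse_policy(POLICY) and root = Window(is_root=True), evaluate(rules, "GetProperty", ["EXAMPLE_PROP"], root) yields "ignore", the same call with delete=True yields "error" (the text's GetProperty example), and evaluate(rules, "RotateProperties", ["RESOURCE_MANAGER"], root) yields "ignore", because write is ignored even though read is allowed. WM_CLASS is readable only on a window that carries WM_NAME; on any other window no rule matches and the evaluator raises.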
Here is an example security policy file.
version-1
# Allow reading of application resources, but not writing.
property RESOURCE_MANAGER root ar iw
property SCREEN_RESOURCES root ar iw
# Ignore attempts to use cut buffers. Giving errors causes apps to crash,
# and allowing access may give away too much information.
property CUT_BUFFER0 root irw
property CUT_BUFFER1 root irw
property CUT_BUFFER2 root irw
property CUT_BUFFER3 root irw
property CUT_BUFFER4 root irw
property CUT_BUFFER5 root irw
property CUT_BUFFER6 root irw
property CUT_BUFFER7 root irw
# If you are using Motif, you may want these.
property _MOTIF_DEFAULT_BINDINGS root ar iw
property _MOTIF_DRAG_WINDOW root ar iw
property _MOTIF_DRAG_TARGETS any ar iw
property _MOTIF_DRAG_ATOMS any ar iw
property _MOTIF_DRAG_ATOM_PAIRS any ar iw
# The next two rules let xwininfo -tree work when untrusted.
property WM_NAME any ar
# Allow read of WM_CLASS, but only for windows with WM_NAME.
# This might be more restrictive than necessary, but demonstrates
# the <required property> facility, and is also an attempt to
Graphics Administration Guide for HP-UX 10.20
Page 149