Commit 54634b36 authored by Demi Marie Obenour's avatar Demi Marie Obenour
Browse files

Allow client to force server to terminate if it exits

This is intended to be used by screen lockers, where the server must
exit if the screen locker does, to avoid a security hole.  As suggested
by Alan Coopersmith, this is implemented using a new flag for the
disconnect mode of the XFixes extension.
parent a0ed054e
Pipeline #368889 passed with stages
in 2 minutes and 14 seconds
......@@ -3,6 +3,6 @@ includedir=@includedir@
Name: FixesProto
Description: X Fixes extension headers
Version: 6.0
Version: 6.1
Cflags: -I${includedir}
Requires: xextproto >=
The XFIXES Extension
Version 5.0
Version 6.1
Document Revision 1
Keith Packard
......@@ -666,15 +666,34 @@ when the relevant X11 clients have quit.
XFixesClientDisconnectFlagDefault: 0
XFixesClientDisconnectFlagTerminate: 1 << 0
XFixesClientDisconnectFlagForceTerminate: 1 << 1
XFixesClientDisconnectFlagDefault is the default behavior for
regular clients, i.e. the X11 server won't terminate as long as such
clients are still connected.
regular clients: the X11 server won't terminate as long as such
clients are still connected, and should this client disconnect,
the server will continue running so long as other clients (that
have not set XFixesClientDisconnectFlagTerminate) are connected.
XFixesClientDisconnectFlagTerminate indicates to the X11 server that
it can ignore the client and terminate itself even though the client
is still connected to the X11 server.
XFixesClientDisconnectFlagForceTerminate indicates to the X11 server
that it MUST terminate if this particular client disconnects, even
if other clients that have not set XFixesClientDisconnectFlagTerminate
are still connected. The X11 server is not allowed to destroy any X11
resources (such as grabs or windows) before terminating. Screen
lockers MUST use this flag to ensure that the screen does not unlock
if they exit, which would create a security vulnerability.
To prevent untrusted clients from causing the server to terminate,
servers that support the X Access Control Extension (XACE) MUST deny
attempts to set XFixesClientDisconnectFlagForceTerminate, unless
the client has DixManageAccess to the server.
XFixesClientDisconnectFlagForceTerminate is only available in XFixes
versions 6.1 and better.
13.2 Requests
......@@ -146,4 +146,9 @@
/* The server may disconnect this client to shut down */
#define XFixesClientDisconnectFlagTerminate (1L << 0)
/*************** Version 6.1 ******************/
/* The server must terminate if this client exits */
#define XFixesClientDisconnectFlagForceTerminate (1L << 1)
#endif /* _XFIXESWIRE_H_ */
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment