Re: limitations of XACE

No I don't believe it is a problem with XACE. It is a probelm of X itself. The communication path is just two great. It is similar to the problem of the HomeDir. There are so many access and so many paths that are required that you can not fully isolate the client.

As an example I do not want to allow the app to "screen Scrape" any other app running, doing this with XACE causes the confined app to not run correctly.

