--- ./nx-X11/programs/Xserver/Xext/security.c.X.original	2015-02-13 14:03:44.684442691 +0100
+++ ./nx-X11/programs/Xserver/Xext/security.c	2015-02-13 14:03:44.684442691 +0100
@@ -27,6 +27,23 @@
 */
 /* $XFree86: xc/programs/Xserver/Xext/security.c,v 1.16tsi Exp $ */
 
+/**************************************************************************/
+/*                                                                        */
+/* Copyright (c) 2001, 2011 NoMachine, http://www.nomachine.com/.         */
+/*                                                                        */
+/* NX-X11, NX protocol compression and NX extensions to this software     */
+/* are copyright of NoMachine. Redistribution and use of the present      */
+/* software is allowed according to terms specified in the file LICENSE   */
+/* which comes in the source distribution.                                */
+/*                                                                        */
+/* Check http://www.nomachine.com/licensing.html for applicability.       */
+/*                                                                        */
+/* NX and NoMachine are trademarks of Medialogic S.p.A.                   */
+/*                                                                        */
+/* All rights reserved.                                                   */
+/*                                                                        */
+/**************************************************************************/
+
 #ifdef HAVE_DIX_CONFIG_H
 #include <dix-config.h>
 #endif
@@ -54,14 +71,49 @@
 #include <stdio.h>  /* for file reading operations */
 #include <X11/Xatom.h>  /* for XA_STRING */
 
+#ifdef NXAGENT_SERVER
+
+#include <unistd.h>
+#include <string.h>
+#include <sys/types.h>
+#include <sys/stat.h>
+
+#endif
+
 #ifndef DEFAULTPOLICYFILE
 # define DEFAULTPOLICYFILE NULL
 #endif
+
+#ifdef NXAGENT_SERVER
+
+#define NX_ALTERNATIVEPOLICYFILE "/usr/lib/xserver/SecurityPolicy"
+
+#endif
+
 #if defined(WIN32) || defined(__CYGWIN__)
 #include <X11/Xos.h>
 #undef index
 #endif
 
+/*
+ * Set here the required NX log level.
+ */
+
+#ifdef NXAGENT_SERVER
+
+#define PANIC
+#define WARNING
+#undef  TEST
+#undef  DEBUG
+
+#endif
+
+#ifdef NXAGENT_SERVER
+
+static char _NXPolicyFilePath[1024];
+
+#endif
+
 #include "modinit.h"
 
 static int SecurityErrorBase;  /* first Security error number */
@@ -87,6 +139,115 @@
     ClientPtr /*client*/
 );
 
+#ifdef NXAGENT_SERVER
+
+/*
+ * This function returns the SecurityPolicy
+ * file full path. This path is referred by
+ * SecurityPolicyFile variable (generally it
+ * contains the hardcoded path at compile time).
+ * If the path does not exist, the function will
+ * try a set of well known paths.
+ */
+
+const char *_NXGetPolicyFilePath(const char *path)
+{
+
+  struct stat SecurityPolicyStat;
+
+  /*
+   * Check the policy file path only once.
+   */
+
+  if (*_NXPolicyFilePath != '\0')
+  {
+    return _NXPolicyFilePath;
+  }
+
+  if (stat(path, &SecurityPolicyStat) == 0)
+  {
+    if (strlen(path) + 1 > 1024)
+    {
+      #ifdef WARNING
+      fprintf(stderr, "_NXGetPolicyFilePath: WARNING! Maximum length of SecurityPolicy file path exceeded.\n");
+      #endif
+
+      goto _NXGetPolicyFilePathError;
+    }
+
+    strcpy(_NXPolicyFilePath, path);
+
+    #ifdef TEST
+    fprintf(stderr, "_NXGetPolicyFilePath: Using SecurityPolicy file path [%s].\n",
+                _NXPolicyFilePath);
+    #endif
+
+    return _NXPolicyFilePath;
+  }
+
+  if (stat(DEFAULTPOLICYFILE, &SecurityPolicyStat) == 0)
+  {
+    if (strlen(DEFAULTPOLICYFILE) + 1 > 1024)
+    {
+      #ifdef WARNING
+      fprintf(stderr, "_NXGetPolicyFilePath: WARNING! Maximum length of SecurityPolicy file path exceeded.\n");
+      #endif
+
+      goto _NXGetPolicyFilePathError;
+    }
+
+    strcpy(_NXPolicyFilePath, DEFAULTPOLICYFILE);
+
+    #ifdef TEST
+    fprintf(stderr, "_NXGetPolicyFilePath: Using SecurityPolicy file path [%s].\n",
+                _NXPolicyFilePath);
+    #endif
+
+    return _NXPolicyFilePath;
+  }
+
+  if (stat(NX_ALTERNATIVEPOLICYFILE, &SecurityPolicyStat) == 0)
+  {
+    if (strlen(NX_ALTERNATIVEPOLICYFILE) + 1 > 1024)
+    {
+      #ifdef WARNING
+      fprintf(stderr, "_NXGetPolicyFilePath: WARNING! Maximum length of SecurityPolicy file path exceeded.\n");
+      #endif
+
+      goto _NXGetPolicyFilePathError;
+    }
+
+    strcpy(_NXPolicyFilePath, NX_ALTERNATIVEPOLICYFILE);
+
+    #ifdef TEST
+    fprintf(stderr, "_NXGetPolicyFilePath: Using SecurityPolicy file path [%s].\n",
+                _NXPolicyFilePath);
+    #endif
+
+    return _NXPolicyFilePath;
+  }
+
+_NXGetPolicyFilePathError:
+
+  if (strlen(path) + 1 > 1024)
+  {
+    #ifdef WARNING
+    fprintf(stderr, "_NXGetPolicyFilePath: WARNING! Maximum length of SecurityPolicy file exceeded.\n");
+    #endif
+  }
+
+  strcpy(_NXPolicyFilePath, path);
+
+  #ifdef TEST
+  fprintf(stderr, "_NXGetPolicyFilePath: Using default SecurityPolicy file path [%s].\n",
+              _NXPolicyFilePath);
+  #endif
+
+  return _NXPolicyFilePath;
+}
+
+#endif
+
 /* SecurityAudit
  *
  * Arguments:
@@ -1647,18 +1808,60 @@
 
     SecurityMaxPropertyName = 0;
 
+#ifdef NXAGENT_SERVER
+
+    if (!_NXGetPolicyFilePath(SecurityPolicyFile))
+    {
+      return;
+    }
+
+#else
+
     if (!SecurityPolicyFile)
 	return;
 
+#endif
+
 #ifndef __UNIXOS2__
+
+#ifdef NXAGENT_SERVER
+
+    f = Fopen(_NXGetPolicyFilePath(SecurityPolicyFile), "r");
+
+#else
+
     f = Fopen(SecurityPolicyFile, "r");
+
+#endif
+
+#else
+
+#ifdef NXAGENT_SERVER
+
+    f = Fopen((char*)__XOS2RedirRoot( _NXGetPolicyFilePath(SecurityPolicyFile)), "r");
+
 #else
+
     f = Fopen((char*)__XOS2RedirRoot(SecurityPolicyFile), "r");
-#endif    
+
+#endif
+
+#endif
+ 
     if (!f)
     {
+#ifdef NXAGENT_SERVER
+
+        ErrorF("error opening security policy file %s\n",
+                   _NXGetPolicyFilePath(SecurityPolicyFile));
+
+#else
+
 	ErrorF("error opening security policy file %s\n",
 	       SecurityPolicyFile);
+
+#endif
+
 	return;
     }
 
@@ -1678,8 +1881,19 @@
 	    char *v = SecurityParseString(&p);
 	    if (strcmp(v, SECURITY_POLICY_FILE_VERSION) != 0)
 	    {
+
+#ifdef NXAGENT_SERVER
+
+                ErrorF("%s: invalid security policy file version, ignoring file\n",
+                           _NXGetPolicyFilePath(SecurityPolicyFile));
+
+#else
+
 		ErrorF("%s: invalid security policy file version, ignoring file\n",
 		       SecurityPolicyFile);
+
+#endif
+
 		break;
 	    }
 	    validLine = TRUE;
@@ -1706,9 +1920,22 @@
 	    }
 	}
 
+#ifdef NXAGENT_SERVER
+
+        if (!validLine)
+        {
+          ErrorF("Line %d of %s invalid, ignoring\n",
+                     lineNumber, _NXGetPolicyFilePath(SecurityPolicyFile));
+        }
+
+#else
+
 	if (!validLine)
 	    ErrorF("Line %d of %s invalid, ignoring\n",
 		   lineNumber, SecurityPolicyFile);
+
+#endif
+
     } /* end while more input */
 
 #ifdef PROPDEBUG
@@ -1799,7 +2026,17 @@
     {
 	struct stat buf;
 	static time_t lastmod = 0;
+
+#ifdef NXAGENT_SERVER
+
+        int ret = stat(_NXGetPolicyFilePath(SecurityPolicyFile), &buf);
+
+#else
+
 	int ret = stat(SecurityPolicyFile , &buf);
+
+#endif
+
 	if ( (ret == 0) && (buf.st_mtime > lastmod) )
 	{
 	    ErrorF("reloading property rules\n");