module Xorg 1.0;

require {
        type xserver_t;
        class process execmem;
}

#============= xserver_t ==============
# Note: you can also use one of the following boolean: allow_execmem, allow_execstack
allow xserver_t self:process execmem;