Resources that are not created by clients are default resources that are protected at ADMIN_LOW. Only clients that run at ADMIN_LOW or with the appropriate privileges can modify default resources.
The following are window resources:
Root window attributes – All clients have read and create access, but only privileged clients have write or modify access. See Privileged Operations and the Trusted X Window System.
Default cursor – Clients are free to reference the default cursor in protocol requests.
Predefined atoms – The TrustedExtensionsPolicy file contains a read-only list of predefined atoms.