diff --git a/dix/window.c b/dix/window.c
index dcd265456..5ef0c9c4a 100644
--- a/dix/window.c
+++ b/dix/window.c
@@ -3732,3 +3732,22 @@ WindowGetVisual(WindowPtr pWin)
             return &pScreen->visuals[i];
     return 0;
 }
+
+/*
+ * @brief check whether a window (ID) is a screen root window
+ *
+ * The underlying resource query is explicitly done on behalf of serverClient,
+ * so XACE resource hooks don't recognize this as a client action.
+ * It's explicitly designed for use in hooks that don't wanna cause unncessary
+ * traffic in other XACE resource hooks: things done by the serverClient usually
+ * considered safe enough for not needing any additional security checks.
+ * (we don't have any way for completely skipping the XACE hook yet)
+ */
+Bool dixWindowIsRoot(Window window)
+{
+    WindowPtr pWin;
+    int rc = dixLookupWindow(&pWin, window, serverClient, DixGetAttrAccess);
+    if (rc != Success)
+        return FALSE;
+    return (pWin == pWin->drawable.pScreen->root);
+}
diff --git a/dix/window_priv.h b/dix/window_priv.h
index cf28b1f70..af6ab917c 100644
--- a/dix/window_priv.h
+++ b/dix/window_priv.h
@@ -41,4 +41,16 @@ WindowPtr dixCreateWindow(Window wid,
  */
 Bool MakeWindowOptional(WindowPtr pWin);
 
+/*
+ * @brief check whether a window (ID) is a screen root window
+ *
+ * The underlying resource query is explicitly done on behalf of serverClient,
+ * so XACE resource hooks don't recognize this as a client action.
+ * It's explicitly designed for use in hooks that don't wanna cause unncessary
+ * traffic in other XACE resource hooks: things done by the serverClient usually
+ * considered safe enough for not needing any additional security checks.
+ * (we don't have any way for completely skipping the XACE hook yet)
+ */
+Bool dixWindowIsRoot(Window window);
+
 #endif /* _XSERVER_DIX_WINDOW_PRIV_H */