HPE Community
Operating System - HP-UX
1752729 Members
5842 Online
108789 Solutions
New Discussion

Re: Sticky Bit "t“; which process could set it?

 
arking1981
Frequent Advisor

‎07-10-2012 01:30 PM

‎07-10-2012 01:30 PM

Sticky Bit "t“; which process could set it?

Dear there,

 

This is happening on our cusomters' server. I don't know when this started but when our program began to have problem I got to notice that.  Our program fails because it has to delete some temp files under /var/tmp, and those files have sticky bit "t" set, so our program can't delete it becasue the users to create it and delete it are different. This is somehow our design but my question is why the sticky bit "t" was suddenly got to set? while before it didn't.

 

By "fuer /var/tmp" I can find some  snmp processes are using this directory, should any of them are setting sticky bit "t"??

    root 18859 1 0 Jul 5 ? 0:00 /usr/sbin/trapdestagt
    root 18865 1 0 Jul 5 ? 0:00 /usr/sbin/fddi4subagt
    root 18836 1 0 Jul 5 ? 0:13 /usr/sbin/mib2agt
    root 4833 928 1 15:03:07 pts/4 0:00 grep -E 18859|18865|18836|18811
    root 18811 1 0 Jul 5 ? 0:00 /usr/sbin/hp_unixagt
Please suggest. Thanks in advance.
Regards
Kang
Hello world...
0 Kudos
Reply
5 REPLIES 5
Dennis Handly
Acclaimed Contributor

‎07-10-2012 03:36 PM

‎07-10-2012 03:36 PM

Re: Sticky Bit "t“; which process could set it?

Setting the sticky bit on tmp directories is a security measure, a good thing (TM).  So any program like bastille could be doing it.

 

Also, if the bit isn't set on /var/tmp/, you'll get a nasty message in syslog.log from ld or a compiler.

 

>SNMP processes are using this directory, should any of them be setting sticky bit?

 

Probably not.

0 Kudos
Reply
Bill Hassell
Honored Contributor

‎07-10-2012 06:16 PM

‎07-10-2012 06:16 PM

Re: Sticky Bit "t“; which process could set it?

There is nothing automatic in HP-UX to change the permission bits on /var/tmp. Perhaps some security expert has added a job to crontab to make sure the permissions are safe. If you change /var/tmp to 777 (no sticky bit) then everyone on your computer can remove or rename any files, and even create directories and subdirectories to hide your files. If these files are important, then /var/tmp is not the right place. There are many different ways to control the content of files as well as their existence (the permissions are separate and independent of each other).



Bill Hassell, sysadmin
0 Kudos
Reply
Dennis Handly
Acclaimed Contributor

‎07-10-2012 08:08 PM

‎07-10-2012 08:08 PM

Re: Sticky Bit "t“; which process could set it?

>There is nothing automatic in HP-UX to change the permission bits on /var/tmp

 

Possibly someone doing "swverify -F" on filesets that mention /var/tmp/.

0 Kudos
Reply
arking1981
Frequent Advisor

‎07-11-2012 03:09 PM

‎07-11-2012 03:09 PM

Re: Sticky Bit "t“; which process could set it?

Thanks everybody. 

 

Should swverify set this bit? I will try to find out

Hello world...
0 Kudos
Reply
Dennis Handly
Acclaimed Contributor

‎07-11-2012 03:17 PM - edited ‎07-11-2012 03:20 PM

‎07-11-2012 03:17 PM - edited ‎07-11-2012 03:20 PM

Re: Sticky Bit "t“; which process could set it?

>Should swverify set this bit?

 

Only if you order it to do so with -F, on the right (or all) filesets.

0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.