Patch Name: PHKL_28804 Patch Description: s700 10.26 HFS sticky bit patch Creation Date: 03/03/07 Post Date: 03/03/26 Hardware Platforms - OS Releases: s700: 10.26 Products: N/A Filesets: OS-Core.CORE-KRN Automatic Reboot?: Yes Status: General Release Critical: No Path Name: /hp-ux_patches/s700/10.X/PHKL_28804 Symptoms: PHKL_28804: 1. On an extended HFS file system, a sticky bit directory containing files and sub-directories will allow a user other than the owner to remove a file in the directory if the permission bits allow group or world access. This violates sticky bit rules. Defect Description: PHKL_28804: 1. Sticky bit functionality was not ported correctly when enhancing the HFS file system.When the sticky bit is set on a directory,a file may be deleted from that directory only by the owner of the file, owner of the parent directory, or a privileged user.The disposition of the group and world permission bits are disregarded for this check. Resolution: 1. Fixed the check access algorithm when the parent directory is a sticky bit directory. SR: 0000000000 Patch Files: /usr/conf/lib/libufs.a(ufs_dir.o) what(1) Output: /usr/conf/lib/libufs.a(ufs_dir.o): 03/03/06 kern/ufs/ufs_dir.c, hpux, hpux_10.26, ic5hl Revision 1.5 PATCH_10.26 (PHKL_28804) cksum(1) Output: 1714377053 21632 /usr/conf/lib/libufs.a(ufs_dir.o) Patch Conflicts: None Patch Dependencies: None Hardware Dependencies: None Other Dependencies: None Supersedes: None Equivalent Patches: PHKL_28805: s800: 10.26 Patch Package Size: 80 KBytes Installation Instructions: Please review all instructions and the Hewlett-Packard SupportLine User Guide or your Hewlett-Packard support terms and conditions for precautions, scope of license, restrictions, and, limitation of liability and warranties, before installing this patch. ------------------------------------------------------------ 1. Back up your system before installing a patch. 2. Login as root. 3. Copy the patch to the /tmp directory. 4. Move to the /tmp directory and unshar the patch: cd /tmp sh PHKL_28804 5a. For a standalone system, run swinstall to install the patch: swinstall -x autoreboot=true -x match_target=true \ -s /tmp/PHKL_28804.depot By default swinstall will archive the original software in /var/adm/sw/patch/PHKL_28804. If you do not wish to retain a copy of the original software, you can create an empty file named /var/adm/sw/patch/PATCH_NOSAVE. WARNING: If this file exists when a patch is installed, the patch cannot be deinstalled. Please be careful when using this feature. It is recommended that you move the PHKL_28804.text file to /var/adm/sw/patch for future reference. To put this patch on a magnetic tape and install from the tape drive, use the command: dd if=/tmp/PHKL_28804.depot of=/dev/rmt/0m bs=2k Special Installation Instructions: None