
			Patches for Digital UNIX V4.0E

================================================================================

Files:

/usr/ccs/lib/libsecurity.a	RCS: subsystems.c Revision: 4.2.39.2
CHECKSUM: 52292    399
/usr/shlib/libsecurity.so	RCS: subsystems.c Revision: 4.2.39.2
CHECKSUM: 11292    360
--------------------------

Problem:  (SSRT0588U)

A potential security vulnerability has been discovered, where under
certain circumstances, system integrity may be compromised. This may
be in the form of improper file or privilege management. Compaq has
corrected this potential vulnerability.

Installation Instructions:

This patch can be installed on any patch kit baselevel of Digital UNIX
V4.0E.

The following instructions assume the patched files are in directory
/patches.

Become superuser and enter the following commands:

# cd /usr/ccs/lib
# cp /patches/libsecurity.a libsecurity.a.new
# chown bin:bin libsecurity.a.new
# chmod 644 libsecurity.a.new
# ln libsecurity.a libsecurity.a.orig
# mv libsecurity.a.new libsecurity.a
# chmod 400 libsecurity.a.orig

# cd /usr/shlib
# cp /patches/libsecurity.so libsecurity.so.new
# chown bin:bin libsecurity.so.new
# chmod 644 libsecurity.so.new
# ln libsecurity.so libsecurity.so.orig
# mv libsecurity.so.new libsecurity.so
# chmod 400 libsecurity.so.orig

Any applications that are linked against the original version of the
static library (libsecurity.a) and that use any of the routines listed
below will need to be relinked against the new version of the library
in order to incorporate this patch.

Affected routines:

    authorized_user()
    sia_chg_finger()
    sia_chg_password()
    sia_chg_shell()

================================================================================
