HP -UX B6941-90001 Administrator's Reference Manual page 452

Tuning, Troubleshooting, Security, and Maintenance
ITO Security
It is neither necessary nor specifically recommended to start the Motif
administrator GUI as a unix user with root privileges (user ID 0). In
addition, when saving the output of database reports on the ITO
configuration, the owner of the files that are written is the unix user who
started ITO. Otherwise, the behavior of the administrator GUI is the
same as the operator GUI.
The Operator GUI
During installation the ownership and permissions of the opcrlogin
utility will be set as follows:
-r-xr-x--- root opcgrp /opt/OV/bin/OpC/opcrlogin
In addition, when opening an ITO Virtual Terminal or starting an ITO
Input/Output Application on a node, the.rhosts entry for the operator's
unix user (if present) is used in preference to the entry for user opc_op
in order to enable the operator to log on without entering a password.
Integrated applications (menu items introduced using an ITO "OV
Service" application or registered actions represented by an ITO "OV
Application") that are started from ITO start under the same unix user
as the operator, which is not usually opc_op.
Program Security
The HP-UX 10.x and 11.x programs /opt/OV/bin/OpC/opc and
/opt/OV/bin/OpC/opcuiadm) have the s-bit (set user-ID on execution).
For MPE/iX, note that the job OPCSTRTJ.BIN.OVOPC contains the
readable password of AGENT.OVOPC if the standard STREAM facility
is used. If you have specified a customized stream command in the
Advanced Options sub-window of the Add/Modify Node window, no
password is inserted in OPCSTRTJ.BIN.OVOPC. Note that this entry
is only established during first-time installation, or if the ITO entry is
found in SYSSTART.PUB.SYS.
Change the job according to your security policies. The job is streamed
during system boot by SYSSTART.PUB.SYS and is responsible for
starting the Local Location Broker (if not yet running) and the ITO
agents.
452 Chapter 10