It's quite interesting that PEUTIL causes this hang, but not entirely
surprising.
The PEUTIL 'disallow' command potentially may have to interrupt every process
and modify it to negate any active AIF:PE traps. It may be more surprising
that
no one has seen problems like this before.

I'm more worried about you (apparently) using PEUTIL on a routine basis.
The PEUTIL disallow command is a very blunt instrument.  It interrupts
every product on your system that's using AIF:PE, without any means to
coordinate with individual product(s) and ensure that their suspension occurs
at a 'convenient' time.

The AIF:PE based products that you're using should really provide their own
mechanisms to turn themselves on or off dynamically.  In addition, whenever
I've
coded products that use AIF:PE in any way that might have security-related
implications, I've implemented logic that specifically prevents PEUTIL being
used by unauthorized users to turn off AIF:PE traps.  PEUTIL's location in
PUB.SYS (without special access controls) is an invitation for regular users
to mess with AIF:PE based products.  I was once amazed to log on to a users
system to find a security product that could be disabled by any user on the
system, simply by running PEUTIL.  Fortunately this loophole has been long-
closed.

Paul Taffel


At 03:14 PM 8/5/00, Paul Courry wrote:

>Come on people! Is Stan-the-Man Sieler the only one of you out there with
>knowledge of PEUTIL? HP played deaf and dumb about it when I logged a
>call. (Maybe I just got the wrong person) Is HP3000-L *stumped*?
>Has no one used PEUTIL?