The trace file

Normally, the file permissions on cicscli.bin allow only the owner, and group to write to the file, and only the owner to read it. However, a user who has write access to the ⁄var⁄cicscli subdirectory can delete cicscli.bin regardless of the file permissions.

If however you use the -b option (see Starting client tracing), every process is given read access to the trace files.

If you do not want unauthorized users to have access to the cicscli.bin file, do not give them write access to the ⁄var⁄cicscli subdirectory. For example, a command such as:
chmod 755 ⁄var⁄cicscli
allows users to see files in ⁄var⁄cicscli subdirectory but not to create, delete, or move them.

The Client daemon prevents you from starting tracing if an unauthorized user has deleted and recreated cicscli.bin.