UNIX systems:

Ensure that the authorization set-user-ID-bit is not set for sapcpe.

As sapcpe is executed as user <sapsid>adm, certain programs cannot be updated. These include programs that belong to root or to another super user, as well as programs that are active when sapcpe updates a local system.

For authorization problems, sapcpe lists up the problem messages in the log file. You then have to update the related executables manually or solve the problem. Usually programs saposcol, icmbnd, and the *lib* libraries are affected by this.