BIG-IP v10.2.1 がリリースされていました。以下のように挙動が変更されたそうです。
Behavioral Change: When Appliance Mode is licensed, the following changes occur:
Any user that previously had access to the bash shell will now only have access to tmsh
Only the following directories are accessible via scp:
/config
/shared/images
/var/core
/var/local/scf
/var/local/ucs
/var/local/wam
/var/log
/var/tmp
The tmsh 'edit' command now invokes the nano editor instead of the vi editor
その他の修正は以下の通りです。
ID | Description |
---|---|
225190 | The root account home directory (/root) permissions have been modified so as to be only user readable, writable and executable. |
225236 | File permissions have been tightened for numerous files and directories. |
225237 | Options in the smb.conf file have been corrected. |
225249 | File permissions for cron tables and directories have been tightened. |
225251 | By default, new files are now only user readable and writeable. |
225252 | World-writable non-public directories are now better secured using the sticky-bit. |
225257 | The syscheck and oprofile users have the home directory properly set to '/'. |
227176 | The following non-interactive user accounts have been removed: "halt", "reboot", "sync" and "shutdown". |
227179 | The "htpasswd" utility has been removed from the system. |
227180 | Ownership and permissions for the web server configuration files have been fixed. |
336355 | The "tomcat" user no longer has access to a shell. |
338154 | The file permissions for syslog-ng.conf have been modified to be user and group readable only. |
340033 | CTRL+C now exits imish correctly when accessed through tmsh. |
353934 | File and directory permissions for /shared/ssh/root now have the proper umask settings. |
355374 | A condition where importing a UCS file containing an ASM configuration with user-defined sets could fail, leaving the configuration corrupt, has been fixed. |
コメント