HP-UX 11i Version 2 December 2007 Release Notes

What is New in September 2004 for Customers Migrating from HP-UX 11i v1
September 2004 Release Notes, Chapter 8: “Security”
Boot Authentication: Now available on all Standard Systems. The Standard Mode Boot
Authentication feature can be configured with two parameters.
Generic Security Service Application Programming Interface (GSS-API): IPv6 enabled.
HP-UX Bastille 2.1: New product for customers migrating from HP-UX 11i v1.
HP-UX IPFilter A.03.05.10.02: Includes additional defect fixes.
HP-UX Secure Shell A.03.71.000: Contains several new features, including enhanced
ssh_prng_cmds file for random number generation, new escape character for requesting
a pseudo terminal, and support for generating KEX-GEX groups in the ssh-keygen file.
HP-UX Strong Random Number Generator: New product with HP-UX 11i v2.
HP-UX Host Intrusion Detection System 2.3: Product bundle renamed and restructured to
improve product installation and maintenance.
Install-Time Security B.01.x.x: New product for customers migrating from HP-UX 11i v1.
Kerberos Client (KRB5-Client): Changes include support for appdefaults section in the
/etc/krb5.conf; multidomain support; IPv6 support.
OpenSSL A.00.09.07-d: A self-signed host certificate is automatically generated while installing
OpenSSL.
PAM: 64-bit framework now supported on both PA-RISC and Itanium®-based systems.
New PAM module introduced. Defect fixes included.
PAM-Kerberos v1.23: Supports both Itanium®-based and PA-RISC applications in 32-bit
mode and 64-bit mode. The pam_sm_acct_mgmt function returns PAM_USER_UNKNOWN
instead of PAM_SUCCESS when the user is not present in the Kerberos database.
Security Patch Check 2.0: New product for customers migrating from HP-UX 11i v1.
Shadow Passwords: New feature enhances system security by hiding encrypted user
passwords in a shadow password file. Now supported by SAM.
What is New in September 2004 for Customers Migrating from HP-UX 11i v1
September 2004 Release Notes, Chapter 9: “Commands and System Calls”
The execve[*] system calls: Beginning with HP-UX 11i v1.6, the kernel ignores setuid
and setgid bits on scripts for security reasons. In addition, buffer overflow protection is
now enabled.
The fuser Command: Performance improved.
The insf, lssf, and mksf Commands: Now support IHV drivers.
The mmap Function: Now possible to perform mappings between a process's address space
and I/O device registers or memory.
The olrad Command: The rad(1M) command replaced by the more robust olrad(1M)
command.
Post/Wait: New. Provides a fast, lightweight synchronization facility for user applications.
The ps command: The default width is now set to 128 characters, and a default file has been
provided to define the length of the command field, which can be between 64 and 1020.
The rc Shell Script: When a system needs to be rebooted for some reason, messages in the file
/etc/rc.bootmsg will be displayed before the system is rebooted.
The scsimgr and scsiscan Commands: Deprecated. Planned for obsolescence in HP-UX
11i v3.
The settune and settune_txn System Calls: Post HP-UX 11i v2, tunables set using these
kernel system calls will not be persistent across reboots.
70 What is New at a Glance