Bug ID 653842: OPSWAT inspect checks now supports privilege elevation

Last Modified: Apr 19, 2021

Bug Tracker

Affected Product:  See more info
BIG-IP APM(all modules)

Known Affected Versions:
12.1.0, 12.1.0 HF1, 12.1.0 HF2, 12.1.1, 12.1.1 HF1, 12.1.1 HF2, 12.1.2, 12.1.2 HF1, 12.1.2 HF2, 12.1.3, 12.1.3.1, 12.1.3.2, 12.1.3.3, 12.1.3.4, 12.1.3.5, 12.1.3.6, 12.1.3.7, 12.1.4, 12.1.4.1, 12.1.5, 12.1.5.1, 12.1.5.2, 12.1.5.3, 12.1.6, 13.0.0, 13.0.0 HF1, 13.0.0 HF2, 13.0.0 HF3, 13.0.1

Fixed In:
13.1.0

Opened: Mar 28, 2017
Severity: 3-Major

Symptoms

If OPSWAT checks would require elevation or root rights for checking particular Antivirus, Firewall (or other security software) check fails.

Impact

OPSWAT checks fail completely or partially (e.g., some fields are not available).

Conditions

* Windows/Mac client systems. * System has security software that requires privilege elevation/root access to check its status.

Workaround

Important note: This workaround is recommended only for troubleshooting purposes, as using it implies security issues. Run browser or EdgeClient on high integrity level (Windows)/under root (Mac).

Fix Information

OPSWAT inspect checks now support privilege elevation via an optional F5 Inspector Service available in the Edge Client package. -- Windows: Introduced new component to provide on-demand elevation. -- Mac: Updated existing component to support such checks.

Behavior Change