Release 20.08

New Features

  • Improved Container Security

    Starting with version 20.08, all web exposed processes of the suSSHi Chef container will be changed to an unprivileged user named “susshi” after startup. This “privilege dropping” increases the security of the container, because in case of a possible security problem an attacker would only inherit the limited rights of the user “susshi” (default UID 900, GID 900).

    For more information regarding unprivileged user and volume mapping, continue reading here.

Improvements

  • Updated user interface with more homogeneous names for the form fields and cleaner layout.

  • Change default number of API Requests per minute (DoS limiter) to 600. See container variable API_REQUEST_PER_MIN to set individual values.

  • Improved stability of System Event collector by switching from GNUTLS to openssl.

Bug Fixes

  • The Gateway Embryonic Control Parameters (DoS limiter) was not set correctly, if changed by the user.