Skip to content
Last update: 2022-05-12

Release Notes: Sensor 4.9.0

Features

  • euid/suid/fsuid and egid/sgid/fsgid are now supported as predicates in strategy rules.

  • 5.14 kernels are now supported.

  • memoryProtection and setrlimit are now supported for policies on aarch64 systems.

  • Some default timeouts have been increased that may affect startup times in some configurations. They may now be re-configured in runtimedetections.yaml.

  • A pre-release of our Perf Sensor may be tested by using the use_perf_sensor_bin configuration value in runtimedetections.yaml. This will be the default in future releases, replacing our Go implementation.

Bugs

  • Previously, when resource limits were set, it would reuse the current cgroup leading to inconsistent behavior. Now when limits are set, the cgroup is deleted and re-created at startup to ensure that the new sensor instance is started with a clean-slate, and not penalized by prior runs. Lastly, the cgroup will be deleted when the Sensor receives a SIGTERM or SIGINT.

Deprecated

  • ⚠ v0 telemetry protocol over gRPC has been removed.
Back to top