On this page
14 Upgrade notes for 3.4.4
More secure Zabbix setup
Several features have been implemented as part of an effort to "harden" the Zabbix web interface:
- Same origin policy for IFrames. Zabbix now cannot be placed in
frames on a different domain. Still, pages placed into a Zabbix
frame will have access to Zabbix frontend (through JavaScript) if
the page that is placed in the frame and Zabbix frontend are on the
same domain. A page like
http://secure-zabbix.com/cms/page.html, if placed into screens or dashboards onhttp://secure-zabbix.com/zabbix/, will have full JS access to Zabbix. - Technical errors (PHP/SQL) are now hidden by default from non-Zabbix Super admin users and from users that are not part of user groups with debug mode enabled. This is configurable via the new ZBX_SHOW_TECHNICAL_ERRORS constant, set to 'false' by default.
Additional Windows service startup types
Since Windows Server 2008 R2 and Windows 7 several more Windows service startup types have been supported:
- Automatic (Trigger Start)
- Automatic delayed (Trigger Start)
- Manual (Trigger Start)
In the new version these types can also be discovered by Windows service discovery in Zabbix.
However, instead of discovering these types by the existing {#SERVICE.STARTUP}, {#SERVICE.STARTUPNAME} macros, a new {#SERVICE.STARTUPTRIGGER} macro has been added to be able to discover startup types with trigger start. {#SERVICE.STARTUP}, {#SERVICE.STARTUPNAME} macros remain unchanged to preserve backwards compatibility.
Item changes
- system.cpu.num agent item on AIX now returns a value based on the logical processors attached to an AIX LPAR and not the physical ones.