Disable Core Dumps for All Users
An XCCDF Rule
Description
To disable core dumps for all users, add the following line to
/etc/security/limits.conf, or to a file within the
/etc/security/limits.d/ directory:
* hard core 0
Rationale
A core dump includes a memory image taken at the time the operating system terminates an application. The memory image could contain sensitive data and is generally useful only for developers trying to debug problems.
- ID
- xccdf_org.ssgproject.content_rule_disable_users_coredumps
- Severity
- Medium
- References
- Updated
Remediation - Ansible
- name: Gather the package facts
package_facts:
manager: auto
tags:
- NIST-800-53-CM-6
- NIST-800-53-SC-7(10)
Remediation - Shell Script
# Remediation is applicable only in certain platforms
if rpm --quiet -q pam; then
SECURITY_LIMITS_FILE="/etc/security/limits.conf"
if grep -qE '^\s*\*\s+hard\s+core' $SECURITY_LIMITS_FILE; then