Disable acquiring, saving, and processing core dumps

Description

The systemd-coredump.socket unit is a socket activation of the systemd-coredump@.service which processes core dumps. By masking the unit, core dump processing is disabled.

Rationale

A core dump includes a memory image taken at the time the operating system terminates an application. The memory image could contain sensitive data and is generally useful only for developers trying to debug problems.

ID: xccdf_org.ssgproject.content_rule_service_systemd-coredump_disabled
Severity: Medium
References: CCI-000366

SC-7(10)

FMT_SMF_EXT.1

SRG-OS-000480-GPOS-00227

CCE-82530-7
Updated: about 1 year ago