Disable Core Dumps for All Users

An XCCDF Rule

Description

To disable core dumps for all users, add the following line to /etc/security/limits.conf, or to a file within the /etc/security/limits.d/ directory:

*     hard   core    0

Rationale

A core dump includes a memory image taken at the time the operating system terminates an application. The memory image could contain sensitive data and is generally useful only for developers trying to debug problems.

ID: xccdf_org.ssgproject.content_rule_disable_users_coredumps
Severity: Medium
References: 1 12 13 15 16 2 7 8

APO13.01 BAI04.04 DSS01.03 DSS03.05 DSS05.07

CCI-000366

SR 6.2 SR 7.1 SR 7.2

A.12.1.3 A.17.2.1

CM-6 SC-7(10)

DE.CM-1 PR.DS-4

SRG-OS-000480-GPOS-00227

CCE-82526-5

3.3.1
Updated: about 1 year ago

---
apiVersion: machineconfiguration.openshift.io/v1
kind: MachineConfig
spec:
  config:
    ignition:      version: 3.1.0
    storage:
      files:
      - contents:
          source: data:,%2A%20%20%20%20%20hard%20%20%20core%20%20%20%200
        mode: 0644
        path: /etc/security/limits.d/75-disable_users_coredumps.conf
        overwrite: true

Disable Core Dumps for All Users

Description

Rationale

Remediation - Kubernetes Patch