Disable Core Dumps for All Users
An XCCDF Rule
Description
To disable core dumps for all users, add the following line to
/etc/security/limits.conf
, or to a file within the
/etc/security/limits.d/
directory:
* hard core 0
Rationale
A core dump includes a memory image taken at the time the operating system terminates an application. The memory image could contain sensitive data and is generally useful only for developers trying to debug problems.
- ID
- xccdf_org.ssgproject.content_rule_disable_users_coredumps
- Severity
- Medium
- References
- Updated
Remediation - Shell Script
# Remediation is applicable only in certain platforms
if rpm --quiet -q pam; then
SECURITY_LIMITS_FILE="/etc/security/limits.conf"
if grep -qE '^\s*\*\s+hard\s+core' $SECURITY_LIMITS_FILE; then
Remediation - Kubernetes Patch
---
apiVersion: machineconfiguration.openshift.io/v1
kind: MachineConfig
spec:
config:
ignition:
Remediation - Ansible
- name: Gather the package facts
package_facts:
manager: auto
tags:
- CCE-81038-2
- DISA-STIG-RHEL-08-010673