Detections
Analytics

1.5.18 Ensure the operating system disables core dumps for all users

Information

The operating system must disable core dumps for all users.

It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors.

A core dump includes a memory image taken at the time the operating system terminates an application. The memory image could contain sensitive data and is generally useful only for developers trying to debug problems.

Solution

Configure the operating system to disable core dumps for all users.

Add the following line to the top of the "/etc/security/limits.conf" file or in a ".conf" file defined in "/etc/security/limits.d/":

* hard core 0

See Also

https://workbench.cisecurity.org/benchmarks/19886

Item Details

Category: CONFIGURATION MANAGEMENT

References: 800-53|CM-6b., CAT|II, Rule-ID|SV-230313r627750_rule, Vuln-ID|V-230313

Plugin: Unix

Control ID: 30350a849364fdc548002e4f0095a1a2dab6861d970ccd046ef2ed4b9013a7ef