1.5.1 Ensure core dumps are restricted - /etc/sysctl.conf, /etc/sysctl.d/*

Information

Setting a hard limit on core dumps prevents users from overriding the soft variable. If core dumps are required, consider setting limits for user groups (see limits.conf(5)). In addition, setting the fs.suid_dumpable variable to 0 will prevent setuid programs from dumping core.

Solution

Add the following line to the /etc/security/limits.conf file or a /etc/security/limits.d/* file-* hard core 0Set the following parameter in the /etc/sysctl.conf file-fs.suid_dumpable = 0Run the following command to set the active kernel parameter - # sysctl -w fs.suid_dumpable=0

See Also

https://workbench.cisecurity.org/files/1863

Item Details

Category: ACCESS CONTROL, CONFIGURATION MANAGEMENT

References: 800-53|AC-6(10), 800-53|CM-7, CSCv6|13

Plugin: Unix

Control ID: c6675c0c6aac9c062a0514c4070f2c78063d818f9151de9f5c3ab41ddee9c917