[Forgot Password]
Login  Register Subscribe

25354

 
 

132804

 
 

134339

 
 

909

 
 

108885

 
 

152

Paid content will be excluded from the download.


Download | Alert*
CCE
view XML

CCE-92972-9

Platform: ubuntu19.04Date: (C)2019-11-07   (M)2019-11-07



Restrict Core Dumps A core dump is the memory of an executable program. It is generally used to determine why a program aborted. It can also be used to glean confidential information from a core file. The system provides the ability to set a soft limit for core dumps, but this can be overridden by the user.


Parameter:


Technical Mechanism: Setting a hard limit on core dumps prevents users from overriding the soft variable. If core dumps are required, consider setting limits for user groups (see limits.conf(5)). In addition, setting the fs.suid_dumpable variable to 0 will prevent setuid programs from dumping core. The apport service if active will override the fs.suid_dumpable variable setting and automatically create core dump reports. The whoopsie service monitors apport core dump reports and transmits them to Canonical. Fix: Add the following line to the /etc/security/limits.conf file. * hard core 0 Add the following line to the /etc/sysctl.conf file. fs.suid_dumpable = 0 Uninstall the apport and whoopsie packages or comment out any start lines in /etc/init/apport.conf and /etc/init/whoopsie.conf files: # start on runlevel [2345]

References:

Resource IdReference
SCAP Repo OVAL Definitionoval:org.secpod.oval:def:55185


OVAL    1
oval:org.secpod.oval:def:55185
XCCDF    1
xccdf_org.secpod_benchmark_general_Ubuntu_19_04

© SecPod Technologies