UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

Process core dumps must be disabled unless needed.


Overview

Finding ID Version Rule ID IA Controls Severity
V-11996 GEN003500 SV-37546r1_rule ECCD-1 ECCD-2 Low
Description
Process core dumps contain the memory in use by the process when it crashed. Process core dump files can be of significant size and their use can result in file systems filling to capacity, which may result in Denial of Service. Process core dumps can be useful for software debugging.
STIG Date
Red Hat Enterprise Linux 5 Security Technical Implementation Guide 2014-01-09

Details

Check Text ( C-36201r1_chk )
# ulimit -c
If the above command does not return 0 and the enabling of core dumps has not been documented and approved by the IAO, this a finding.
Fix Text (F-31460r1_fix)
Edit /etc/security/limits.conf and set a hard limit for "core" to 0 for all users.