UCF STIG Viewer Logo

Process core dumps must be disabled unless needed.


Overview

Finding ID Version Rule ID IA Controls Severity
V-11996 GEN003500 SV-45679r1_rule Low
Description
Process core dumps contain the memory in use by the process when it crashed. Process core dump files can be of significant size and their use can result in file systems filling to capacity, which may result in Denial of Service. Process core dumps can be useful for software debugging.
STIG Date
SUSE Linux Enterprise Server v11 for System z Security Technical Implementation Guide 2018-09-19

Details

Check Text ( C-43045r1_chk )
# ulimit -c
If the above command does not return 0 and the enabling of core dumps has not been documented and approved by the IAO, this a finding.
Fix Text (F-39077r1_fix)
Edit /etc/security/limits.conf and set a hard limit for "core" to 0 for all users.