Check: GEN003500
HP-UX 11.31 STIG:
GEN003500
(in versions v1 r19 through v1 r13)
Title
Process core dumps must be disabled unless needed. (Cat III impact)
Discussion
Process core dumps contain the memory in use by the process when it crashed. Process core dump files can be of significant size and their use can result in file systems filling to capacity, which may result in Denial of Service. Process core dumps can be useful for software debugging.
Check Content
# grep -c ulimit /etc/profile If the return value of this command is 0, this is a finding. If the return value of this command is not 0: # grep ulimit /etc/profile If the -c argument with a value of 0 is not present, this is a finding.
Fix Text
Edit /etc/profile, ensure the ulimit command is present with the -c argument of the ulimit command set to 0.
Additional Identifiers
Rule ID: SV-35008r1_rule
Vulnerability ID: V-11996
Group Title: GEN003500
Expert Comments
CCIs
Number | Definition |
---|---|
CCI-000366 |
The organization implements the security configuration settings. |
Controls
Number | Title |
---|---|
CM-6 |
Configuration Settings |