Check: AIX7-00-003093
IBM AIX 7.x STIG:
AIX7-00-003093
(in versions v3 r1 through v1 r1)
Title
AIX process core dumps must be disabled. (Cat II impact)
Discussion
A core dump includes a memory image taken at the time the operating system terminates an application. The memory image could contain sensitive data and is generally useful only for developers trying to debug problems.
Check Content
From the command prompt, run the following command: # lsuser -a core ALL root core=0 daemon core=0 bin core=0 sys core=0 adm core=0 uucp core=0 snapp core=0 ipsec core=0 srvproxy core=0 esaadmin core=0 sshd core=0 doejohn core=0 If any user does not have a value of "core = 0", this is a finding.
Fix Text
Run command: # chsec -f /etc/security/limits -s default -a core=0
Additional Identifiers
Rule ID: SV-215396r991589_rule
Vulnerability ID: V-215396
Group Title: SRG-OS-000480-GPOS-00227
Expert Comments
CCIs
Number | Definition |
---|---|
CCI-000366 |
Implement the security configuration settings. |
Controls
Number | Title |
---|---|
CM-6 |
Configuration Settings |