Check: GEN003500
SUSE Linux Enterprise Server v11 for System z STIG:
GEN003500
(in versions v1 r12 through v1 r9)
Title
Process core dumps must be disabled unless needed. (Cat III impact)
Discussion
Process core dumps contain the memory in use by the process when it crashed. Process core dump files can be of significant size and their use can result in file systems filling to capacity, which may result in Denial of Service. Process core dumps can be useful for software debugging.
Check Content
# ulimit -c If the above command does not return 0 and the enabling of core dumps has not been documented and approved by the IAO, this a finding.
Fix Text
Edit /etc/security/limits.conf and set a hard limit for "core" to 0 for all users.
Additional Identifiers
Rule ID: SV-45679r1_rule
Vulnerability ID: V-11996
Group Title: GEN003500
Expert Comments
Expert comments are only available to logged-in users.
CCIs
CCIs tied to check.
| Number | Definition |
|---|---|
| CCI-000366 |
The organization implements the security configuration settings. |
Controls
Controls tied to check. These are derived from the CCIs shown above.
| Number | Title |
|---|---|
| CM-6 |
Configuration Settings |