Details
Setting a hard limit on core dumps prevents users from overriding the soft variable. If core dumps are required, consider setting limits for user groups (see limits.conf(5)). In addition, setting the fs.suid_dumpable variable to 0 will prevent setuid programs from dumping core.
Solution
Add the following line to the /etc/security/limits.conf file or a /etc/security/limits.d/* file-* hard core 0Set the following parameter in the /etc/sysctl.conf file-fs.suid_dumpable = 0Run the following command to set the active kernel parameter – # sysctl -w fs.suid_dumpable=0
Supportive Information
The following resource is also helpful.
This security hardening control applies to the following category of controls within NIST 800-53: Access Control.This control applies to the following type of system Unix.