Details
The action described in this section creates a protected directory to store core dumps and
also causes the system to create a log entry whenever a regular process dumps core.
Rationale:
Core dumps, particularly those from set-UID and set-GID processes, may contain sensitive
data.
Solution
To implement the recommendation, run the commands:
# chmod 700 /var/share/cores
# coreadm -g /var/share/cores/core_%n_%f_%u_%g_%t_%p
-e log -e global -e global-setid
-d process -d proc-setid
If the local site chooses, dumping of core files can be completely disabled with the following
command:
# coreadm -d global -d global-setid -d process -d proc-setid
Supportive Information
The following resource is also helpful.
This security hardening control applies to the following category of controls within NIST 800-53: Configuration Management.This control applies to the following type of system Unix.