{"description": "The Apport modifies certain kernel configuration values at\nruntime which may decrease the overall security of the system and expose sensitive data.\n\nThe <code>apport</code> service can be disabled with the following command:\n<pre>$ sudo systemctl mask --now apport.service</pre>", "rationale": "The Apport service modifies the kernel\n<tt>fs.suid_dumpable</tt> configuration at runtime which\nprevents other hardening from being persistent. Disabling the\nservice prevents this behavior.", "severity": "unknown", "references": {"cis": ["1.5.5"]}, "control_references": {"cis": ["1.5.5"]}, "components": [], "identifiers": {}, "ocil_clause": null, "ocil": null, "oval_external_content": null, "fixtext": "", "checktext": "", "vuldiscussion": "", "srg_requirement": "", "warnings": [], "conflicts": [], "requires": [], "policy_specific_content": {}, "platform": "package[apport]", "platforms": ["package[apport]"], "sce_metadata": {"check-import": "stdout", "platform": ["multi_platform_all"], "environment": "any", "filename": "service_apport_disabled.sh", "relative_path": "ubuntu2204/checks/sce/service_apport_disabled.sh"}, "inherited_platforms": [], "cpe_platform_names": ["package_apport"], "inherited_cpe_platform_names": [], "bash_conditional": null, "fixes": {}, "title": "Disable Apport Service", "definition_location": "/aptdata/openscap/scap-security-guide/linux_os/guide/services/apport/service_apport_disabled/rule.yml", "template": {"name": "service_disabled", "vars": {"servicename": "apport"}, "backends": {}}}