{"description": "A core dump file is the memory image of an executable\nprogram when it was terminated by the operating system due to\nerrant behavior. In most cases, only software developers\nlegitimately need to access these files. The core dump files may\nalso contain sensitive information, or unnecessarily occupy large\namounts of disk space.\n<br /><br />\nOnce a hard limit is set in <tt>/etc/security/limits.conf</tt>, or\nto a file within the <tt>/etc/security/limits.d/</tt> directory, a\nuser cannot increase that limit within his or her own session. If access\nto core dumps is required, consider restricting them to only\ncertain users or groups. See the <tt>limits.conf</tt> man page for more\ninformation.\n<br /><br />\nThe core dumps of setuid programs are further protected. The\n<tt>sysctl</tt> variable <tt>fs.suid_dumpable</tt> controls whether\nthe kernel allows core dumps from these programs at all. The default\nvalue of 0 is recommended.", "warnings": [], "requires": [], "conflicts": [], "values": {}, "groups": {}, "rules": ["coredump_disable_backtraces", "coredump_disable_storage", "disable_users_coredumps", "service_systemd-coredump_disabled", "sysctl_fs_suid_dumpable"], "platform": "system_with_kernel", "platforms": ["system_with_kernel"], "inherited_platforms": [], "cpe_platform_names": ["system_with_kernel"], "title": "Disable Core Dumps", "definition_location": "/aptdata/openscap/scap-security-guide/linux_os/guide/system/permissions/restrictions/coredumps/group.yml"}