The Photon operating system must restrict core dumps.
Severity | Group ID | Group Title | Version | Rule ID | Date | STIG Version |
---|---|---|---|---|---|---|
medium | V-258904 | SRG-OS-000480-GPOS-00227 | PHTN-40-000246 | SV-258904r991589_rule | 2024-07-11 | 2 |
Description |
---|
Setting the fs.suid_dumpable kernel parameter to 0 prevents core dumps from being generated for setuid or otherwise protected/tainted binaries. This prevents users from potentially accessing core dumps containing privileged information they would otherwise not have permission to read. |
ℹ️ Check |
---|
At the command line, run the following command to verify core dumps are restricted:

```
# /sbin/sysctl fs.suid_dumpable
```

Example result:

```
fs.suid_dumpable = 0
```

If the "fs.suid_dumpable" kernel parameter is not set to "0", this is a finding.
✔️ Fix |
---|
Navigate to and open:

```
/etc/sysctl.d/zz-stig-hardening.conf
```

Add or update the following line:

```
fs.suid_dumpable = 0
```

At the command line, run the following command to load the new configuration:

```
# /sbin/sysctl --load /etc/sysctl.d/zz-stig-hardening.conf
```

Note: If the file zz-stig-hardening.conf does not exist, it must be created.
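The check and fix above as a small audit/remediation script. This is an added example, not part of the STIG or of Photon OS; it assumes a Linux host with /proc/sys mounted, reads the running value from /proc/sys rather than the sysctl binary, and lets CONF override the drop-in file path so the file-editing functions can be exercised without root.

```sh
#!/bin/sh
# Added example (not from the STIG text): audit and remediate PHTN-40-000246.
# Assumes Linux with /proc/sys; CONF defaults to the file named in the Fix section.
CONF="${CONF:-/etc/sysctl.d/zz-stig-hardening.conf}"
PARAM="fs.suid_dumpable"
WANT="0"

# Effective value in the running kernel (same value "/sbin/sysctl fs.suid_dumpable" reports).
running_value() {
  cat "/proc/sys/$(printf '%s' "$PARAM" | tr . /)" 2>/dev/null
}

# Value a sysctl config file sets for PARAM (last uncommented "key = value" wins).
# Prints nothing if the file is absent or does not set the parameter.
configured_value() {
  [ -f "$1" ] || return 0
  awk -v p="$PARAM" '
    /^[[:space:]]*[#;]/ { next }                 # skip comment lines
    index($0, "=") {
      key = $0; sub(/=.*/, "", key); gsub(/[[:space:]]/, "", key)
      val = $0; sub(/^[^=]*=/, "", val); gsub(/[[:space:]]/, "", val)
      if (key == p) v = val
    }
    END { if (v != "") print v }' "$1"
}

# Add or update "fs.suid_dumpable = 0" in the file, creating it if missing (per the STIG note).
set_in_file() {
  file="$1"; tmp="$file.tmp.$$"
  [ -f "$file" ] || : > "$file"
  awk -v p="$PARAM" -v w="$WANT" '
    /^[[:space:]]*[#;]/ { print; next }
    { key = $0; sub(/=.*/, "", key); gsub(/[[:space:]]/, "", key) }
    key == p { if (!done) { print p " = " w; done = 1 }; next }   # replace first, drop duplicates
    { print }
    END { if (!done) print p " = " w }' "$file" > "$tmp" && mv "$tmp" "$file"
}

# STIG check: exit 0 when compliant, 1 when this is a finding.
audit() {
  [ "$(running_value)" = "$WANT" ]
}

# STIG fix: persist the setting and load it into the running kernel (requires root).
remediate() {
  set_in_file "$CONF" && /sbin/sysctl --load "$CONF"
}
```

Run `audit` from a compliance job and `remediate` only from a privileged change window; the loaded value is not persistent unless the drop-in file also contains it, which is why the fix writes the file before calling sysctl --load.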