mediumsystemverified ✓rollback-safe
Ensure core dump storage is disabled
coredump-storage-disabled · RHEL ≥ 8 · 1 impl
Description
Core dumps should not be stored to prevent potential exposure of sensitive data from application memory. The systemd-coredump service should be configured to not store core dumps.
Rationale
Core dumps can contain sensitive information from application memory including passwords, encryption keys, and other confidential data. Disabling storage prevents this data from being written to disk where it could be accessed.
Check → Remediate
Checkcommand
systemd-analyze cat-config systemd/coredump.conf 2>/dev/null | grep -E '^Storage=' | tail -1 | grep -q '^Storage=none$'
- expected_exit:
- 0
Remediateconfig_set_dropin
- dir:
- /etc/systemd/coredump.conf.d
- file:
- 00-kensa-coredump.conf
- key:
- Storage
- value:
- none
- section:
- [Coredump]
Framework references
CIS
rhel9 1.5.4rhel8 1.5.10rhel10 1.5.10
STIG
V-281318 / RHEL-10-701160V-257813 / RHEL-09-213090V-230314 / RHEL-08-010674
NIST 800-53
SC-4
Live verification
rhel8:checkrhel9:check
#coredump#security#memory#privacy