tyler.durden
/
harbian-audit
mirror of https://github.com/hardenedlinux/harbian-audit.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Add description to benchmark doc for 10.1.13

This commit is contained in:
samson 2018-11-16 19:34:25 +08:00
parent 7986a83f50
commit a5501c57b3
1 changed files with 20 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

20
docs/harbian_audit_Debian_9_Benchmark_v0.1.mkd
View File

@ -1652,6 +1652,26 @@ Remove any found ".shosts" and "shosts.equiv" files from the system.
# rm /[path]/[to]/[file]/shosts.equiv
```
## 10.1.13 Disabled Kernel core dumps (Scored)
### Profile Applicability
Level 2
### Description
Kernel core dumps must be disabled unless needed.
### Rationale
Kernel core dumps may contain the full contents of system memory at the time of the crash. Kernel core dumps may consume a considerable amount of disk space and may result in denial of service by exhausting the available space on the target file system partition.
### Aduit
Verify that kernel core dumps are disabled unless needed. Check the status of the "kdump" service with the following command:
```
# grep "core" /etc/security/limits.conf
```
If the kernel core dump is set, this is a finding.
### Remediation
If kernel core dumps are not required, delete the contain "core" line in /etc/security/limits.conf.