How can I completely prevent core dumps?
Solution 1:
Setting fs.suid_dumpable = 0
will be overridden by apport every time apport starts.
Similar to how ufw interferes with my efforts to follow hardening instructions, apport also interferes here. This is how I found out:
$ grep -R fs.suid_dumpable /etc/ 2>/dev/null
/etc/rc5.d/K01apport: echo 2 > /proc/sys/fs/suid_dumpable
…
/etc/rc4.d/K01apport: echo 0 > /proc/sys/fs/suid_dumpable
/etc/lynis/default.prf:config-data=sysctl;fs.suid_dumpable;0;1;Restrict core dumps;sysctl -a;url:https;//www.kernel.org/doc/Documentation/sysctl/fs.txt;category:security;
/etc/init.d/apport: echo 2 > /proc/sys/fs/suid_dumpable
/etc/init.d/apport: echo 0 > /proc/sys/fs/suid_dumpable
So, to prevent core dumps and keep fs.suid_dumpable at 0, you have to disable apport:
sudo systemctl disable apport.service
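
The check described in the answer above can be scripted as an audit. This is an added example, not part of the original answer: the function names and the `--audit` switch are hypothetical, and it assumes overrides look like the `echo N > /proc/sys/fs/suid_dumpable` lines shown above or like a `fs.suid_dumpable = N` sysctl assignment.

```shell
#!/bin/sh
# Added example (not from the original answer): audit for anything that
# would move fs.suid_dumpable away from 0. Function names are illustrative.

# List non-comment lines under directory $1 that set suid_dumpable to a
# non-zero value, either by writing to /proc or via a sysctl assignment.
find_suid_dumpable_overrides() {
    grep -RsE 'suid_dumpable' "$1" | awk '
    {
        i = index($0, ":")                 # grep -R prints "path:line"
        file = substr($0, 1, i - 1)
        line = substr($0, i + 1)
        sub(/^[ \t]+/, "", line)
        if (line ~ /^#/) next              # ignore commented-out settings
        if (line ~ /echo[ \t]+[0-9]+[ \t]*>[ \t]*\/proc\/sys\/fs\/suid_dumpable/) {
            val = line; sub(/.*echo[ \t]+/, "", val)
        } else if (line ~ /^fs\.suid_dumpable[ \t]*=[ \t]*[0-9]+/) {
            val = line; sub(/^[^=]*=[ \t]*/, "", val)
        } else next                        # e.g. the lynis profile entry
        sub(/[^0-9].*/, "", val)
        if (val + 0 != 0) print file ": sets suid_dumpable to " val
    }'
}

# Succeed only if the file $1 (normally /proc/sys/fs/suid_dumpable) holds 0.
suid_dumpable_is_zero() {
    [ "$(cat "$1" 2>/dev/null)" = "0" ]
}

# Full audit against the live system; run the script with --audit.
audit_core_dump_settings() {
    status=0
    suid_dumpable_is_zero /proc/sys/fs/suid_dumpable ||
        { echo "fs.suid_dumpable is not 0"; status=1; }
    overrides=$(find_suid_dumpable_overrides /etc)
    [ -z "$overrides" ] || { echo "$overrides"; status=1; }
    if command -v systemctl >/dev/null 2>&1 &&
       systemctl is-enabled --quiet apport.service 2>/dev/null; then
        echo "apport.service is still enabled"; status=1
    fi
    return "$status"
}

if [ "${1:-}" = "--audit" ]; then audit_core_dump_settings; fi
```

Because the scan function takes a directory argument, it can also be pointed at a mounted image or a copy of `/etc` from another host.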