| #!/bin/bash | |
| # Copyright 2021 The Chromium OS Authors. All rights reserved. | |
| # Use of this source code is governed by a BSD-style license that can be | |
| # found in the LICENSE file. | |
| ## Section: 1.5.1 Ensure core dumps are restricted ## | |
| echo "* hard core 0" >> /etc/security/limits.conf | |
| cat <<EOF >> /etc/systemd/coredump.conf | |
| Storage=none | |
| ProcessSizeMax=0 | |
| EOF | |
| systemctl daemon-reload | |
| sysctl -w fs.suid_dumpable=0 |