Home >Operation and Maintenance >Linux Operation and Maintenance >How to configure a CentOS system to restrict user access to system core files
How to restrict user access to core files in the CentOS system
In the CentOS system, core files are considered sensitive data, and restricting user access to core files is an important security measure. This article will introduce how to restrict user access to core files by configuring the CentOS system.
Step 1: Create a new group
First, we need to create a new group to distinguish users with different permissions. Run the following command in the terminal:
sudo groupadd kernel_users
This command will create a new group named kernel_users.
Step 2: Add users to the new group
Next, we need to add specific users to the kernel_users group so that specific access permissions can be set for this group in the future. Run the following command:
sudo usermod -a -G kernel_users username
where username is the username to be added to the kernel_users group.
Step 3: Edit the coredump.conf file
Now we need to edit the coredump.conf file, which controls the storage and access permissions of core files in the system. Run the following command to open the file:
sudo nano /etc/systemd/coredump.conf
In the opened file, find the following line:
#Storage=external
Change it to:
Storage=none
This disables the storage of core files .
Next, find the following line:
#ProcessSizeMax=2G
Change it to:
ProcessSizeMax=0
This will limit the size of the core file to 0, thus disabling the creation of the core file.
Step 4: Change the permissions of the core files
Now we need to change the permissions of the core files to ensure that only users in the kernel_users group can access them. Run the following command:
sudo chgrp kernel_users /var/core sudo chmod 750 /var/core
This will change the group ownership of the /var/core directory to kernel_users and set appropriate permissions to ensure that only users in the group can access the directory.
Step 5: Restart the system
After completing the above steps, we need to restart the CentOS system for the changes to take effect. Run the following command:
sudo reboot
The system will reboot for restricting user access to core files to take effect.
Summary:
By following the above steps, you can successfully restrict user access to core files in the CentOS system. This security measure helps prevent malicious users from accessing and manipulating critical system files and improves system security.
While these steps apply on CentOS systems, they can be modified to suit other Linux distributions as needed. When configuring your system, keep in mind the importance of system security and ensure that only authorized users have access to core files.
The above is the detailed content of How to configure a CentOS system to restrict user access to system core files. For more information, please follow other related articles on the PHP Chinese website!