Kicksecure ™

Download

On Computer USB Installation Debian morph to Kicksecure Windows (VM) Linux (VM) Mac (VM) VirtualBox (VM) KVM (VM) Qubes (VM) More options Source Code

About

Overview Features Why Open Source? Project Activities Contributors Mission & Vision

Docs

Documentation FAQ Troubleshooting

Community

Forums Contribute

Support

Self Support First Policy Search Engines, Docs and AI Support (Limited) Reporting Bugs Contact (Restricted)

Tools Upload file Special pages Recent changes Print Version Page meta What links here Related changes Page information

Page Read Edit History Move Protection Unwatch Watch Delete Purge

User Preferences Watchlist Contributions Logout Create account Login

Donate

Security and Privacy Risks Posed by Core Dumps

Introduction[edit]

All operating systems have a "core dump" functionality which poses potential security and privacy risks. According to Wikipedia: ^[1]

In computing, a core dump (in Unix parlance), memory dump, or system dump consists of the recorded state of the working memory of a computer program at a specific time, generally when the program has crashed or otherwise terminated abnormally. In practice, other key pieces of program state are usually dumped at the same time, including the processor registers, which may include the program counter and stack pointer, memory management information, and other processor and operating system flags and information. Core dumps are often used to assist in diagnosing and debugging errors in computer programs.

The primary function of core dumps is to provide the user or programmer with specialized information to determine the root cause of a system crash, in order to perform debugging. These files are viewable as text or image formats, and can be analyzed with special tools. In Windows, both kernel-mode dumps and user-mode dumps are available. The former contains information on either the full memory or large sections of it, while the latter is limited to single processes. ^[1]

Security and Privacy Risks[edit]

Core dumps can potentially contain sensitive information like: ^{[3] [2] [4]}

• Any activities undertaken in a session.
• All existing contents in RAM at the time of a crash:
  • Disk encryption keys and passwords.
  • Details of open documents.
  • Other passwords.
  • Detailed system information that can assist targeted attacks.

Clearly, how long copies of data survive and where they end up are critical factors. There is no guarantee that RAM is wiped or overwritten during this process. This is not just a theoretical concern, as exploits in the wild have been observed which force privileged applications to perform core dumps, disclosing the contents of shadow password files and other information in the process. ^[2]

While this information is stored locally on GNU/Linux distributions, this is not the case on proprietary platforms. Windows and macOS generally ship this memory information to the operating systems vendor. ^{[2] [5] [6] [7] [8]}

Disabling Core Dumps[edit]

Core Dumps are disabled by default in Kicksecure.

If using a virtual machine (VM)...

For greater security, advanced users should consider configuring the host operating systems to disable core dumps. If possible, preventing access to process memory is also advisable, along with secure storage of the file system. ^{[9] [10]} GNU/Linux users can further research the disabling of core dump features here and here. Debian users should refer to the manpages concerning core dump storage configuration files. In general, Linux normally requires: ^[11]

• Setting a ulimit value via a configuration file; or
• Configuring ulimit via a profile (custom) file; or
• Setting nil storage in the systemd coredump configuration file.

It is also recommended to disable setuid processes from dumping their memory, since processes with elevated permissions might otherwise still perform core dumps. ^[12] For greater safety, test the configuration works correctly.

Enabling Core Dumps[edit]

To enable core dumps in Kicksecure follow the following steps.

The debug-misc package is the simplest solution to enable core dumps. For better security, this package should only be installed on specific machines that require debugging. Unfortunately, security and debugging are conflicting optimization goals.

TODO: only enable core dumps without debug-misc

https://rspamd.com/doc/faq.html#how-to-figure-out-why-rspamd-process-crashed

ulimit -c

ulimit -c unlimited

References[edit]

Kicksecure A secure by default operating system with the latest security research in place.

Dark mode

Follow us on social media

Supported by Power Up Privacy

Kicksecure is proudly supported until 2025 by Power Up Privacy, a privacy advocacy group that seeks to supercharge privacy projects with resources so they can complete their mission of making our world a better place. (Strictly subject to our sponsorship policy.)

At Kicksecure we value freedom and trust, supporting Open Source and Freedom Software

By using this website, you acknowledge you have read, understood, and agree to be bound by these agreements: Terms of Service, Privacy Policy, Cookie Policy, E-Sign Consent, DMCA, Imprint 2012- 2024 ENCRYPTED SUPPORT LP

Your support makes
all the difference!

We believe security software like Kicksecure needs to remain Open Source and independent. Would you help sustain and grow the project? Learn more about our 12 year success story and maybe DONATE!