Skip to main content
NetApp Response to Russia-Ukraine Cyber Threat
In response to the recent rise in cyber threat due to the Russian-Ukraine crisis, NetApp is actively monitoring the global security intelligence and updating our cybersecurity measures. We follow U.S. Federal Government guidance and remain on high alert. Customers are encouraged to monitor the Cybersecurity and Infrastructure Security (CISA) website for new information as it develops and remain on high alert.

NetApp KCS Award

NetApp Knowledge Base

Does a system core file contain sensitive customer information?

Views:
155
Visibility:
Public
Votes:
0
Category:
ontap-9
Specialty:
core
Last Updated:

Applies to

Data ONTAP 7-Mode

ONTAP

Answer

The core dump contains any data that resides in memory at the time the core dump is taken. 

Core files do not contain actual user data, but they can have IP addresses, node names, cluster names, user names, group names and some file properties like ownership, file permissions, etc.

There are also buffers of data that are being received or transmitted, and those network buffers are visible in the core, along with any data that they may contain.
  • Do system core files contain the entire contents of any give random accessed file at the instant the core file is taken?  No.
  • Is there a possible chance that some sensitive data might be in memory at the time the core is taken, and hence might be visible to an analysis to or support engineer?  Yes, if the sensitive file data happens to be in the buffers that are being transmitted or received.
  • Can a core file be sanitized to purge specific user information?  No, there are no tools or settings that can be utilized for this type of process.

Additional Information

If the site wishes to disable the ability to generate a system core file, then from the Cluster shell enter:

cluster_CLI::> coredump config modify -node  -coredump-attempts 0

to stop the automatic generation of all core dumps.

Scan to view the article on your device