Does a system core file contain sensitive customer information?
Applies to
- Data ONTAP 7-Mode
- ONTAP 9
- Cloud Volume ONTAP
Answer
- The core dump contains any data that resides in memory at the time the core dump is taken.
- Core files do not contain actual user data, but they can have IP addresses, node names, cluster names, user names, group names and some file properties like ownership, file permissions, etc.
- There are also buffers of data that are being received or transmitted, and those network buffers are visible in the core, along with any data that they may contain.
- Do system core files contain the entire contents of any give random accessed file at the instant the core file is taken? No.
- Is there a possible chance that some sensitive data might be in memory at the time the core is taken, and hence might be visible to an analysis to or support engineer? Yes, if the sensitive file data happens to be in the buffers that are being transmitted or received.
- Can a core file be sanitized to purge specific user information? No, there are no tools or settings that can be utilized for this type of process.
Additional Information
- If the site wishes to disable the ability to generate a system core file, then from the Cluster shell enter.:
::> coredump config modify -node
-coredump-attempts 0
- Disabling coredump generation will negatively impact the troubleshooting in case of a system panic