Kernel

Disable core dumps in Linux

Edit /etc/security/limits.conf and append the following lines:

1* hard core 0
2* soft core 0

Edit /etc/sysctl.d/9999-disable-core-dump.conf:

1fs.suid_dumpable=0
2kernel.core_pattern=|/bin/false

1sudo sysctl -p /etc/sysctl.d/9999-disable-core-dump.conf

/bin/false exits with a failure status code. The default value for kernel.core_pattern is core on a Debian server and |/usr/lib/systemd/systemd-coredump %P %u %g %s %t %c %h on a Fedora desktop. These commands are executed upon crashes. In the case of /bin/false, nothing happens, and core dump is disabled.
fs.suid_dumpable=0 Any process that has changed privilege levels or is execute only will not be dumped. Other values include 1, which is debug mode, and all processes dump core when possible. The current user owns the core dump, no security is applied. 2, suidsafe mode, in which any Linux program that would generally not be dumped is dumped regardless, but only if the kernel.core_pattern is sysctl is set to a valid program.

1sudo mkdir /etc/systemd/coredump.conf.d/
2sudo nvim /etc/systemd/coredump.conf.d/custom.conf

1[Coredump]
2Storage=none
3ProcessSizeMax=0

Storage=none and ProcessSizeMax=0 disables all coredump handling except for a log entry under systemd.

1sudo systemctl daemon-reload

Edit /etc/systemd/system.conf. Make sure DefaultLimitCORE is commented out.

1#DefaultLimitCORE=infinity

1sudo systemctl daemon-reexec