===== Disable core dumps in Linux =====

==== limits.conf and sysctl ====

Edit ''%%/etc/security/limits.conf%%'' and append the following lines:

<code>
* hard core 0
* soft core 0
</code>

Edit ''%%/etc/sysctl.d/9999-disable-core-dump.conf%%'':

<code>
fs.suid_dumpable=0
kernel.core_pattern=|/bin/false
</code>

Load the new settings:

<code>
sudo sysctl -p /etc/sysctl.d/9999-disable-core-dump.conf
</code>

  * ''%%/bin/false%%'' exits with a failure status code. The default value for ''%%kernel.core_pattern%%'' is ''%%core%%'' on a Debian server and ''%%|/usr/lib/systemd/systemd-coredump %P %u %g %s %t %c %h%%'' on a Fedora desktop. A pattern that starts with ''%%|%%'' names a program that the kernel executes when a process crashes. In the case of ''%%/bin/false%%'', nothing happens, and core dumps are disabled.
  * ''%%fs.suid_dumpable=0%%'': any process that has changed privilege levels or is execute-only will not be dumped. Other values:
    * ''%%1%%'' is debug mode: all processes dump core when possible. The current user owns the core dump, and no security is applied.
    * ''%%2%%'' is suidsafe mode: any Linux program that would generally not be dumped is dumped regardless, but only if the ''%%kernel.core_pattern%%'' sysctl is set to a valid program.

==== systemd ====

<code>
sudo mkdir /etc/systemd/coredump.conf.d/
sudo nvim /etc/systemd/coredump.conf.d/custom.conf
</code>

<code>
[Coredump]
Storage=none
ProcessSizeMax=0
</code>

  * ''%%Storage=none%%'' and ''%%ProcessSizeMax=0%%'' disable all coredump handling except for a log entry under systemd.

<code>
sudo systemctl daemon-reload
</code>

Edit ''%%/etc/systemd/system.conf%%''. Make sure ''%%DefaultLimitCORE%%'' is commented out.

<code>
#DefaultLimitCORE=infinity
</code>

<code>
sudo systemctl daemon-reexec
</code>
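A check that the sysctl, ''%%limits.conf%%'' and ''%%coredump.conf.d%%'' settings on this page are actually in place, as an added example that is not part of the original page. The function names ''%%check_core_dump_hardening%%'' and ''%%make_sample_tree%%'' and the root-prefix argument are assumptions of this example; the sample trees are constructed so the script runs without touching the live system.

```shell
#!/bin/sh
# Added example: audit the core dump settings described on this page.
# ROOT is a filesystem prefix: "" for the live host, or a constructed tree.
# Prints one line per check; the return status is the number of failed checks.
check_core_dump_hardening() {
    root=$1; fails=0
    # fs.suid_dumpable must be 0
    v=$(cat "$root/proc/sys/fs/suid_dumpable" 2>/dev/null || true)
    if [ "$v" = "0" ]; then echo "PASS fs.suid_dumpable=0"
    else echo "FAIL fs.suid_dumpable='$v'"; fails=$((fails + 1)); fi
    # kernel.core_pattern must pipe crashes to /bin/false
    v=$(cat "$root/proc/sys/kernel/core_pattern" 2>/dev/null || true)
    if [ "$v" = "|/bin/false" ]; then echo "PASS kernel.core_pattern=$v"
    else echo "FAIL kernel.core_pattern='$v'"; fails=$((fails + 1)); fi
    # limits.conf needs active (uncommented) hard and soft "core 0" lines
    for kind in hard soft; do
        if grep -Eq "^[[:space:]]*\*[[:space:]]+$kind[[:space:]]+core[[:space:]]+0[[:space:]]*\$" \
            "$root/etc/security/limits.conf" 2>/dev/null
        then echo "PASS limits.conf: * $kind core 0"
        else echo "FAIL limits.conf: no '* $kind core 0'"; fails=$((fails + 1)); fi
    done
    # systemd-coredump drop-ins must set Storage=none and ProcessSizeMax=0
    for kv in Storage=none ProcessSizeMax=0; do
        if cat "$root"/etc/systemd/coredump.conf.d/*.conf 2>/dev/null |
            grep -Eq "^[[:space:]]*$kv[[:space:]]*\$"
        then echo "PASS coredump.conf.d: $kv"
        else echo "FAIL coredump.conf.d: no $kv"; fails=$((fails + 1)); fi
    done
    return "$fails"
}

# Constructed sample tree: $1 = directory, $2 = core_pattern, $3 = suid_dumpable
make_sample_tree() {
    mkdir -p "$1/proc/sys/fs" "$1/proc/sys/kernel" "$1/etc/security" \
        "$1/etc/systemd/coredump.conf.d"
    printf '%s\n' "$3" > "$1/proc/sys/fs/suid_dumpable"
    printf '%s\n' "$2" > "$1/proc/sys/kernel/core_pattern"
    printf '* hard core 0\n* soft core 0\n' > "$1/etc/security/limits.conf"
    printf '[Coredump]\nStorage=none\nProcessSizeMax=0\n' \
        > "$1/etc/systemd/coredump.conf.d/custom.conf"
}

demo=$(mktemp -d)
make_sample_tree "$demo/hardened" '|/bin/false' 0
make_sample_tree "$demo/default" 'core' 2
check_core_dump_hardening "$demo/hardened" || true   # all PASS
check_core_dump_hardening "$demo/default" || echo "failed checks: $?"
rm -rf "$demo"
```

To audit the running host, call ''%%check_core_dump_hardening ""%%''. The check reads only ''%%/etc/security/limits.conf%%'' itself, not any files under ''%%/etc/security/limits.d/%%''.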