Preventing Core Dumps
Problem
You want to prevent your script from dumping core in the case of an unrecoverable error, since core dumps may contain sensitive data from memory such as passwords.
Solution
Use the bash built-in ulimit to set the core file size limit to 0, typically in your .bashrc file:
ulimit -H -c 0 --
Discussion
Core dumps are intended for debugging and contain an image of the memory used by the process at the time it failed. As such, the file will contain anything the process had stored in memory (e.g., user-entered passwords).
Set this in a system-level file such as /etc/profile or /etc/bashrc to which users have no write access if you don’t want them to be able to change it.
See Also
help ulimit
Get bash Cookbook now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.