Comment: There is no content under the "Exceptions" header. Do you want to keep this section? Ed.

...

The POSIX standard system call for controlling resource limits, setrlimit(), can be used to disable the creation of core dumps. This prevents an attacker with the ability to halt the program from gaining access to sensitive data that might be contained in the dump.

...

In this example, sensitive information generated by create_secret() is stored in the dynamically allocated buffer, secret, which is processed and eventually deallocated by a call to free(). The memory page containing secret could be swapped out to disk. If the program crashes before the call to free(), the information stored in secret may be stored in the core dump.

...

Compliant Solution (privileged process on Unix)

Additionally, processes with elevated privileges can disable paging by "locking" memory in place using either mlock() (POSIX) or VirtualLock() (Windows). This ensures that memory is never copied to the hard drive, where it may be retained indefinitely in non-volatile storage.
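The two controls described on this page, disabling core dumps with setrlimit() and pinning the secret's pages with mlock(), combined into one added example. This is not code from the CERT standard; create_secret() is a hypothetical stand-in that fills the buffer with a constructed placeholder, and the program assumes a POSIX system where mlock() may legitimately fail for an unprivileged process (EPERM) or when RLIMIT_MEMLOCK is exhausted (ENOMEM), so the lock result is reported rather than assumed.

```c
/* Added example (not the CERT standard's own code): keep a secret out of core
 * dumps and out of swap. Assumes POSIX; the secret value is constructed. */
#define _POSIX_C_SOURCE 200809L
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/mman.h>
#include <sys/resource.h>
#include <unistd.h>

/* Set both the soft and hard RLIMIT_CORE to 0 so the kernel writes no core
 * file if this process is halted by a fatal signal. Lowering a limit needs no
 * privilege. Returns 0 on success, -1 (with errno set) on failure. */
int disable_core_dumps(void) {
    struct rlimit rl = { 0, 0 };
    return setrlimit(RLIMIT_CORE, &rl);
}

/* Current soft core limit, used to confirm the change took effect. */
long current_core_limit(void) {
    struct rlimit rl;
    if (getrlimit(RLIMIT_CORE, &rl) != 0) return -1;
    return (long)rl.rlim_cur;
}

/* Overwrite a buffer through a volatile pointer so the compiler cannot drop
 * the writes as a dead store just because the buffer is freed afterwards. */
void scrub(void *p, size_t n) {
    volatile unsigned char *vp = (volatile unsigned char *)p;
    while (n--) *vp++ = 0;
}

/* Allocate a page-aligned buffer for a secret and try to pin it in RAM with
 * mlock() (POSIX requires a page-aligned address). *locked reports whether
 * the pin succeeded so the caller can decide how to proceed. Returns NULL on
 * allocation failure. */
unsigned char *alloc_secret(size_t n, int *locked) {
    long page = sysconf(_SC_PAGESIZE);
    if (page <= 0) page = 4096;
    void *p = NULL;
    if (posix_memalign(&p, (size_t)page, n) != 0) return NULL;
    *locked = (mlock(p, n) == 0);
    return (unsigned char *)p;
}

/* Scrub, verify, unlock and free a buffer from alloc_secret().
 * Returns 1 if every byte read back as zero before the free, 0 otherwise. */
int free_secret(unsigned char *p, size_t n, int locked) {
    if (p == NULL) return 0;
    scrub(p, n);
    int clean = 1;
    for (size_t i = 0; i < n; i++) if (p[i] != 0) clean = 0;
    if (locked) munlock(p, n);
    free(p);
    return clean;
}

/* Hypothetical create_secret(): fills the buffer with a constructed value. */
static void create_secret(unsigned char *buf, size_t n) {
    memset(buf, 'K', n); /* constructed placeholder, not real key material */
}

/* Full lifecycle: no core file, secret held in pinned memory while it is
 * processed, then scrubbed before release. Returns 1 when the scrub verified,
 * 0 if it did not, -1 on a setup or allocation failure. */
int demo_secret_lifecycle(size_t n) {
    if (disable_core_dumps() != 0) return -1;
    int locked = 0;
    unsigned char *secret = alloc_secret(n, &locked);
    if (secret == NULL) return -1;
    create_secret(secret, n);
    /* ... process the secret here ... */
    return free_secret(secret, n, locked);
}

int main(void) {
    int locked = 0;
    unsigned char *probe = alloc_secret(64, &locked);
    printf("mlock() available to this process: %s\n", locked ? "yes" : "no");
    if (probe != NULL) free_secret(probe, 64, locked);
    printf("lifecycle result: %d\n", demo_secret_lifecycle(256));
    printf("core limit now: %ld\n", current_core_limit());
    return 0;
}
```

Setting the hard limit to 0 as well as the soft limit is deliberate: a later call cannot raise the soft limit back above the hard limit without privilege, so the dump stays disabled even if another part of the program (or a library) tries to re-enable it. Note that scrubbing is still needed even with mlock(): locking only prevents paging, it does not clear the bytes when free() returns them to the allocator.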

...