Apply by doing cd /sys patch < nosuidcoredump.patch install -c -m 444 -o root -g bin sys/sysctl.h /usr/include cd /usr/src/usr.sbin/sysctl && make && make install Index: kern/kern_sig.c =================================================================== RCS file: /cvs/src/sys/kern/kern_sig.c,v retrieving revision 1.22 retrieving revision 1.25 diff -u -r1.22 -r1.25 --- kern_sig.c 1997/11/06 05:58:18 1.22 +++ kern_sig.c 1998/01/09 16:41:09 1.25 @@ -1103,6 +1103,8 @@ /* NOTREACHED */ } +int nosuidcoredump = 1; + /* * Dump core, into a file named "progname.core", unless the process was * setuid/setgid. @@ -1127,6 +1129,8 @@ if ((p->p_flag & P_SUGID) && (error = suser(p->p_ucred, &p->p_acflag)) != 0) return (error); + if ((p->p_flag & P_SUGID) && nosuidcoredump) + return (EPERM); /* Don't dump if will exceed file size limit. */ if (USPACE + ctob(vm->vm_dsize + vm->vm_ssize) >= Index: kern/kern_sysctl.c =================================================================== RCS file: /cvs/src/sys/kern/kern_sysctl.c,v retrieving revision 1.23 retrieving revision 1.24 diff -u -r1.23 -r1.24 --- kern_sysctl.c 1997/11/06 15:59:49 1.23 +++ kern_sysctl.c 1997/12/08 21:25:37 1.24 @@ -210,7 +210,7 @@ int error, level, inthostid; extern char ostype[], osrelease[], osversion[], version[]; extern int somaxconn, sominconn; - extern int usermount; + extern int usermount, nosuidcoredump; /* all sysctl names at this level are terminal */ if (namelen != 1 && !(name[0] == KERN_PROC || name[0] == KERN_PROF)) 
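Review bot: The new global `int nosuidcoredump = 1;` in the first kern_sig.c hunk has no comment saying what it controls or that it is changed through sysctl. It also sits directly above the core-dump routine's header comment, where it reads like part of that description. I would add `/* Nonzero: never dump core for a P_SUGID process; set via sysctl KERN_NOSUIDCOREDUMP. */` above it. kern_sysctl.c sees the variable only through the function-local `extern int usermount, nosuidcoredump;` in that file's first hunk, so nothing checks that the two declarations agree. A declaration in a shared kernel header would be safer, if the tree has a suitable one.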
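Review bot: The added `if ((p->p_flag & P_SUGID) && nosuidcoredump) return (EPERM);` in the second kern_sig.c hunk comes after the existing suser() test, so it is only reached by a set-id process whose credentials already pass as superuser. Every other set-id process has returned on the statement above. That deserves a comment such as `/* Even with superuser credentials, refuse when the knob is set. */`, or the knob test can go first so the policy reads top-down. The block comment in the previous hunk still says the dump happens "unless the process was setuid/setgid"; it should mention that with nosuidcoredump cleared, a set-id process running with superuser credentials does dump. The function body starts and ends outside this hunk.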
@@ -305,6 +305,8 @@ case KERN_RND: return (sysctl_rdstruct(oldp, oldlenp, newp, &rndstats, sizeof(rndstats))); + case KERN_NOSUIDCOREDUMP: + return (sysctl_int(oldp, oldlenp, newp, newlen, &nosuidcoredump)); default: return (EOPNOTSUPP); } Index: sys/sysctl.h =================================================================== RCS file: /cvs/src/sys/sys/sysctl.h,v retrieving revision 1.22 retrieving revision 1.23 diff -u -r1.22 -r1.23 --- sysctl.h 1997/11/06 15:59:52 1.22 +++ sysctl.h 1997/12/08 21:25:34 1.23 @@ -145,7 +145,8 @@ #define KERN_SOMINCONN 29 /* int: half-open controllable param */ #define KERN_USERMOUNT 30 /* int: users may mount filesystems */ #define KERN_RND 31 /* struct: rnd(4) statistics */ -#define KERN_MAXID 32 /* number of valid kern ids */ +#define KERN_NOSUIDCOREDUMP 32 /* int: no setuid coredumps ever */ +#define KERN_MAXID 33 /* number of valid kern ids */ #define CTL_KERN_NAMES { \ { 0, 0 }, \ @@ -180,6 +181,7 @@ { "sominconn", CTLTYPE_INT }, \ { "usermount", CTLTYPE_INT }, \ { "random", CTLTYPE_STRUCT }, \ + { "nosuidcoredump", CTLTYPE_INT }, \ } /*
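Review bot: `case KERN_NOSUIDCOREDUMP:` hands the variable straight to sysctl_int(), so any caller the sysctl layer allows to write can clear this hardening knob at run time, and can store any integer rather than just 0 or 1. The knob exists to keep set-id process memory out of core files, so consider refusing to lower it once the system securelevel has been raised, and rejecting values other than 0 and 1. Both need the new value read into a temporary before it is committed to `nosuidcoredump`. At minimum, put a comment such as `/* security knob: nonzero disables set-id core dumps */` on the case. The enclosing switch starts outside the hunk.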
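Review bot: The comment on `KERN_NOSUIDCOREDUMP` in the first sysctl.h hunk says "no setuid coredumps ever", but the kernel test in kern_sig.c is on P_SUGID, and the comment there speaks of setuid/setgid. I would word it `/* int: no setuid/setgid coredumps */` so the header matches what is enforced. KERN_MAXID moves from 32 to 33 and the CTL_KERN_NAMES table in the next hunk grows with it, so userland built against the old header will presumably not know the new name. That would explain why the apply instructions reinstall the header and rebuild sysctl. A short reminder next to KERN_MAXID that CTL_KERN_NAMES must be extended in step would help whoever adds the next id.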