In the light of Microsoft getting some of their signing keys exfiltrated via coredumps, last year, I had some interesting conversations about leaking cryptographic material via coredumps. One of those was about how Telecomix uncovered how Blue Coat Systems was likely able to decrypt OpenVPN encrypted traffic in Syria around 2011: they had a remote crash for the OpenVPN client, causing Windows to automatically upload the coredump to Microsoft, unencrypted, containing the encryption keys and all related cryptographic material.
Nowadays, those Windows Error reports are encrypted, but it might not be the case for every operating system. Another way to prevent keys from being exfiltrated this way is to use MAP_NOCORE/MADV_DONTDUMP, like libsodium is doing. OpenSSL doesn't do this, but I've heard that there is some ongoing work to add this to BoringSSL.
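
One way to apply the MAP_NOCORE/MADV_DONTDUMP approach mentioned above, as an added example that is not code from the original post or from libsodium. `secret_alloc` and `excluded_from_dump` are hypothetical helper names, and the check assumes Linux's `/proc/self/smaps`, where the `dd` VmFlag marks a region left out of core dumps.

```c
#define _GNU_SOURCE   /* exposes MAP_ANONYMOUS and MADV_DONTDUMP on glibc */
#include <stdio.h>
#include <string.h>
#include <sys/mman.h>

/* Hypothetical helper: map memory for key material and ask the kernel to
 * leave it out of core dumps. Returns NULL if that cannot be guaranteed. */
void *secret_alloc(size_t len)
{
    int flags = MAP_PRIVATE | MAP_ANONYMOUS;
#ifdef MAP_NOCORE      /* FreeBSD: exclusion is a mapping flag */
    flags |= MAP_NOCORE;
#endif
    void *p = mmap(NULL, len, PROT_READ | PROT_WRITE, flags, -1, 0);
    if (p == MAP_FAILED) return NULL;
#ifdef MADV_DONTDUMP   /* Linux: exclusion is applied after mapping */
    if (madvise(p, len, MADV_DONTDUMP) != 0) {
        munmap(p, len); /* fail closed rather than hold dumpable keys */
        return NULL;
    }
#endif
    return p;
}

/* Linux only: 1 if the mapping holding p has the "dd" (do not dump) VmFlag
 * in /proc/self/smaps, 0 if it does not, -1 if that cannot be determined. */
int excluded_from_dump(const void *p)
{
    FILE *f = fopen("/proc/self/smaps", "r");
    char line[512];
    unsigned long lo, hi, a = (unsigned long)p;
    int inside = 0, result = -1;
    while (f && result < 0 && fgets(line, sizeof line, f)) {
        if (sscanf(line, "%lx-%lx ", &lo, &hi) == 2)
            inside = (lo <= a && a < hi);   /* header line of a mapping */
        else if (inside && strncmp(line, "VmFlags:", 8) == 0)
            result = strstr(line, " dd") != NULL;
    }
    if (f) fclose(f);
    return result;
}

int main(void)
{
    unsigned char *key = secret_alloc(32);
    if (!key) return 1;
    printf("excluded from core dump: %d\n", excluded_from_dump(key));
    return munmap(key, 32);
}
```

The exclusion only covers the mapped region itself: copies of the key on the stack, in registers spilled to memory, or in ordinary heap buffers still end up in a dump.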