diff --git a/roles/ansible-os-hardening/tasks/main.yml b/roles/ansible-os-hardening/tasks/main.yml
index 7d324e70e..e262efe78 100644
--- a/roles/ansible-os-hardening/tasks/main.yml
+++ b/roles/ansible-os-hardening/tasks/main.yml
@@ -12,6 +12,10 @@
 - name: create securetty
 template: src='securetty.j2' dest='/etc/securetty' owner=root group=root mode=0400
 
+- name: create profile.conf
+ template: src='profile.conf.j2' dest='/etc/profile.d/pinerolo_profile.sh' owner=root group=root mode=0750
+ when: not os_security_kernel_enable_core_dump
+
 - name: minimize access
 file: path='{{item}}' mode='go-w' recurse=yes
 with_items:
diff --git a/roles/ansible-os-hardening/templates/profile.conf.j2 b/roles/ansible-os-hardening/templates/profile.conf.j2
new file mode 100644
index 000000000..d34a7c921
--- /dev/null
+++ b/roles/ansible-os-hardening/templates/profile.conf.j2
@@ -0,0 +1,4 @@
+# {{ ansible_managed }}
+
+# Disable core dumps via soft limits for all users. Compliance to this setting is voluntary and can be modified by users up to a hard limit. This setting is a sane default.
+ulimit -S -c 0 > /dev/null 2>&1
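Review bot: With `mode=0750` and `owner=root group=root` on the new `create profile.conf` task in tasks/main.yml, non-root users cannot read `/etc/profile.d/pinerolo_profile.sh`, so their login shells will most likely skip it and the `ulimit -S -c 0` default only reaches root. Files in `/etc/profile.d` are sourced rather than executed, so they need to be world-readable and do not need the execute bit; `mode=0644` is the usual choice. Separately, the task only ever creates the file: if `os_security_kernel_enable_core_dump` is later set to true the script stays on the host, so a companion task with `file: path='/etc/profile.d/pinerolo_profile.sh' state=absent` under `when: os_security_kernel_enable_core_dump` would keep the host in line with the variable.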
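Review bot: The header comment in templates/profile.conf.j2 says the limit applies to all users, but a script in `/etc/profile.d` only affects shells that source it (typically login shells), so services, cron jobs and other processes not started from such a shell keep their own core limit. I would state that scope in the comment, e.g. `# Soft default for login shells only; users can raise it up to the hard limit, and daemons are not covered.` Because a soft limit is a default rather than enforcement, a hard limit (for instance `* hard core 0` applied through pam_limits in `/etc/security/limits.conf`) is what actually prevents dumps; whether the role already sets one is not visible in this diff.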