2004-04-09 17:02:01

by Peter Waechtler

Subject: [PATCH] ensure core dump is owned by root, dump core as root on seteuid

While it's more secure to not dump core at all if the program has
switched euid, it's also very impractical. Since only programs
started from root, being setuid root or have CAP_SETUID it's far
more practical to dump as root.root mode 600. This is the behavior
of Solaris.

The current implementation does not ensure that an existing core
file is only readable as root, i.e. after dumping the ownership
and mode are unchanged.

Besides mm->dumpable to avoid recursive core dumps, on setuid files
the dumpable flag still prevents a core dump while seteuid & co will
result in a core only readable as root.



Attachments:
core-patch (5.10 kB)
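
The stale-file problem described in the second paragraph, shown from userspace. This is an added illustration, not code from the attached patch or from the kernel: the function names and the /tmp path are hypothetical, and the caller's own uid/gid stand in for root so it runs unprivileged.

```c
#ifndef _POSIX_C_SOURCE
#define _POSIX_C_SOURCE 200809L
#endif
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>

/* Rewrite an existing file the way a dump would; return its mode bits after. */
static int dump_over(const char *path, int harden)
{
    static const char data[] = "constructed core contents\n";
    struct stat st;
    int ok, fd = open(path, O_CREAT | O_WRONLY, 0600); /* 0600 ignored: file exists */
    if (fd < 0)
        return -1;
    ok = 1;
    /* Hardened: force owner and mode on the descriptor before any data lands.
     * Caller's own ids stand in for root (0:0) so the demo runs unprivileged. */
    if (harden)
        ok = fchown(fd, geteuid(), getegid()) == 0 && fchmod(fd, 0600) == 0;
    ok = ok && ftruncate(fd, 0) == 0
            && write(fd, data, sizeof data - 1) == (ssize_t)(sizeof data - 1)
            && fstat(fd, &st) == 0;
    close(fd);
    return ok ? (int)(st.st_mode & 0777) : -1;
}

/* Create a stale world-readable file (constructed sample), then dump over it. */
int mode_after_dump(int harden)
{
    char path[] = "/tmp/core-demo-XXXXXX";
    int mode, fd = mkstemp(path);
    if (fd < 0)
        return -1;
    if (fchmod(fd, 0644) != 0) { close(fd); unlink(path); return -1; }
    close(fd);
    mode = dump_over(path, harden);
    unlink(path);
    return mode;
}

int main(void)
{
    printf("plain open over stale file: %04o\n", mode_after_dump(0));
    printf("fchown+fchmod before write: %04o\n", mode_after_dump(1));
    return 0;
}
```

The mode argument to open() only applies when the file is created, which is why the pre-existing 0644 file stays world-readable unless owner and mode are reset explicitly.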