What were you trying to do that didn't work?

When selecting the OSPP profile ("Protection Profile for General Purpose Operating Systems (144)"), xccdf_org.ssgproject.content_rule_sysctl_kernel_core_pattern_empty_string rule gets selected, while, when selecting STIG profile ("DISA Stig for Red Hat Enterprise Linux 9 (493)"), xccdf_org.ssgproject.content_rule_sysctl_kernel_core_pattern rule gets selected.

Questions:

1. Why do we have two different implementations for the same functionality? (funtionality being disabling core dumps)
2. Can we deprecate xccdf_org.ssgproject.content_rule_sysctl_kernel_core_pattern_empty_string implementation because that rule is not robust?
   It's not robust because, as the core(5) manpage states, just having kernel.core_pattern= will still generate core dumps if kernel.core_uses_pid is set to 1 (which is the default):

           •  /proc/sys/kernel/core_pattern  is  empty and /proc/sys/kernel/core_uses_pid contains the value 0.  (These
             files are described below.)  Note that  if  /proc/sys/kernel/core_pattern  is  empty  and  /proc/sys/ker‐
             nel/core_uses_pid  contains the value 1, core dump files will have names of the form .pid, and such files
             are hidden unless one uses the ls(1) -a option.
    

Please provide the package NVR for which bug is seen:

scap-security-guide-0.1.69

How reproducible:

N/A