I've just reproduced this issue under kernel-2.6.17-1.2145 on FC-5 and kernel-2.6.17-1.2364 on FC-6 - see bug 198893 for a nasty reproducer. I suggest that we apply the patch to prevent processes with the PR_SET_DUMPABLE flag set from being able to dump core in whatever directory they can cd into, regardless of whether the userid has write permission, ASAP.
fixed in 2158 for FC5 fixed in rawhide too some time after 2364.