Even though it's bad practice, a lot of commonly programs will request passwords or similar sensitive information as command line arguments. For instance, curl, svn, useradd... There will usually be a way to work around doing things this way (curl can read from a config file for instance), but doing so is a hassle (have to write a new config file for each request).
I would really like some way to turn the access unprivileged users have to this information on and off. Ideally I'd like it off by default in OpenBSD (secure by default). Also I would like to add, that even if you folks shoot down this FR as being an awful idea. It's good that there's an operating system community where I feel comfortable bringing up this request, where I wouldn't hear things like: "You have untrusted users on your system? What a n00b" "All security features are off by default, why should it be our responsibility to protects admins from their stupid mistakes?" "omg why should you care. hunting for sensitive information? it's not like anyone actually does that"
