> case in point: openvpn passing username/password in the environment to > openvpn_bsdauth. > > so there's actually a bit of a sensitive data in env that current > wisdom rightly tends to want to junk as soon as possible. > > getenv(3) states, "If getenv() is successful, the string returned > should be considered read-only.", operative word being "should". > > what's the correct way to deal with this (specifically on openbsd if > there are any facilities that help here, as well as on other > systems perhaps)?
Clearing the string is pointless, it is a race that it can still be observed! You should restructure it to move data over a socket/pipe.
