hi, case in point: openvpn passing username/password in the environment to openvpn_bsdauth.
so there's actually a bit of a sensitive data in env that current wisdom rightly tends to want to junk as soon as possible. getenv(3) states, "If getenv() is successful, the string returned should be considered read-only.", operative word being "should". what's the correct way to deal with this (specifically on openbsd if there are any facilities that help here, as well as on other systems perhaps)? thanks, -- [-] mkdir /nonexistent
