As both of you said, some of these will not benefit much since it happens near the end; nevertheless, it's the safe (and easy) idiom we have for "wipe this sensitive data out of memory". My main beef is that their current code might get copied by someone elsewhere to a bad place with undesired effects.
Regarding init(8), I spoke yesterday with tb@ and he also pointed out to me that we should clear pbuf instead of clear, so I had it changed already. So if no one objects I'll commit this later on today (except for nc(1), which is not correct and also complains about the variable being const, and casting it to void* to shut it up doesn't seem right).

On 20:47 Mon 01 May, Theo de Raadt wrote:
> > I would fall on the side of "It could get copied elsewhere or hoisted
> > for other reasons (like pledge)" so do it anyway.
>
> OK, the argument it could get copied into another program, where it
> is nowhere near a terminal path.. makes sense. So then all of them
> should get it. It is simply a safer pattern.