> Passwords can be stored anywhere in the application,
> and it is per-application task to clear sensetive data anywhere.
> Please, back out this change.
> > And what about a user attaching a debugger to a running ftpd...
> He must be root for that.
This is not true for 2.1.0 systems. It is for 2.1.5.
I'll back it out.