Re: String clearing

If we assume that its rarely being set, I think there is a good reason for propagating it in string operations. Otherwise, it seems difficult to use it in practice, since its often impossible to make sure all intermediate values are being flagged.

The major issue with this is that pike have shared strings (and this, incidentally, makes the whole concept of 'secure' strings rather odd, they should have been a separate class entirely).

Let's say that you set the 'password' that users enter as secure. Given how people select passwords you will soon have most strings marked as secure, especially if the flag is propagated through string operations (As an example, consider what happens after set_secure(""))