
Not sure that would have helped much in this case - he used dumping the environment as the particular avenue to get the "private" data, but he mentioned he had source code access and the ability to run untrusted code. If important credentials were in or available to the code, it sounds like they would have been vulnerable anyway.

It's a hard problem trying to secure credentials that code needs to work, from other code running as the same user when someone has source code access to "authorised" code.


