Wouldn’t this potentially leave e.g. disk encryption keys in memory?