Good point. I think we should be caeful what we do, while administrating the server.

Maybe we could build some automatism which stops the screenshot service while an ssh session is established.

Either that, or you just exclude all processes forked by bash/ssh :-)

Once again with mysql you can:

    MYSQL_PWD=password mysql -uuser db

On some old systems, I remember that env vars of other UIDs could be seen, even if you weren't root. I wonder if that's still true for any systems out there.