Note, MLton can't really get more than about 2 gig in the nmap address space. Re passwords on the disk, the right way to go to eliminate most of the danger is that you create the file, then unlink, then write. Not invulnerable against root or some one who can read the raw disk, but relatively safe. Any way, I definitely need it, but an option might be ok.