Erase freshly allocated file buffers.
If the buffers are not zeroed the previous contents of the memory may get written to the file.
A spy may then read said memory contents by examining the disc, or by reading the files before they are closed (or if the files are never closed because RISC OS is uncleanly terminated).
The following BASIC program demonstrates the problem using RAMFS:
REM Clean up previous run
*Remove RAM:Test
REM Fill FileSwitch buffers with "Secret"
*ChangeDynamicArea -ramfssize 128K
H%=OPENOUT"RAM:Dummy"
FOR I%=1 TO 10240
BPUT#H%,"Secret"
NEXT
CLOSE#H%
*Remove RAM:Dummy
REM Fill RAMFS with "Good" to prove leak
REM is not from previous memory contents
*ChangeDynamicArea -ramfssize 64K
DIM B% &10020
FOR I%=B% TO B%+&10000 STEP 4
$I%="Good"
NEXT
SYS "RamFS_DiscOp",,2,0,B%,&10000
*RMReInit RAMFS
REM Write a file
H%=OPENOUT"RAM:TestFile"
BPUT#H%,"TestData"
CLOSE#H%
*Remove RAM:TestFile
REM Load filesystem image
SYS "RamFS_DiscOp",,1,0,B%,&10000
REM Save and load into editor for viewing
*ChangeDynamicArea -ramfssize 256K
SYS "OS_File",10,"RAM:Test",&FFF,,B%,B%+&10000
*Filer_Run RAM:Test