If the environment is super easy to read when you have gained access to the container, so is a filesystem... The use of secrets is more to transmit secrets to the container without giving it to people.
The problem is applications unintentionally leaking the ENV. Think a hoptoad exception that attaches the current ENV to the report that sends up to the remote server.
Or think about you exec'ing imagemagik and now the process running potentially adversarial code also has access to your parent's env.
Or think about an application crashing and doing an unintentional core dump to disk.
Or think about you exec'ing imagemagik and now the process running potentially adversarial code also has access to your parent's env.
Or think about an application crashing and doing an unintentional core dump to disk.