On Fri, Feb 25, 2022 at 01:53:51PM +0000, Will Deacon wrote: > I still think this new behaviour should be opt-in, so adding a sysctl for > that would be my preference if we proceed with this approach. I'm happy to have a sysctl but I'd rather it be opt out rather than opt in since it seems better to default to enabling the security feature when there is a strong expectation that it would seem better to enable it by default sine it's not expected to be disruptive and the sysctl is more of a "what if there's a problem" thing.
Attachment:
signature.asc
Description: PGP signature
