Hi Eric,
Amusingly, the existing KEYCTL_DH_* APIs, and the KEYCTL_ECDH_* APIs proposed by this patch, only operate on user keys that the process has READ access to. This means that the keys can be trivially extracted by a shell script running in your user session. That's *less* secure than using an isolated process...
I can see this being true for user or session keys, but I don't think this is true of process or thread specific keys. At least I couldn't read any keys out of a test app when I tried.
Regards, -Denis
