> On May 14, 2018, at 5:01 AM, Florian Weimer <fweimer@xxxxxxxxxx> wrote: > >> One thing we could do, though: the current initual state on process >> creation is all access blocked on all keys. We could change it so that >> half the keys are fully blocked and half are read-only. Then we could add >> a PKEY_ALLOC_STRICT or similar that allocates a key with the correct >> initial state*and* does the setsignal thing. If there are no keys left >> with the correct initial state, then it fails. > > The initial PKRU value can currently be configured by the system administrator. I fear this approach has too many moving parts to be viable. > > Honestly, I think we should drop that option. I don’t see how we can expect an administrator to do this usefully.
