jeffxu@xxxxxxxxxxxx writes: > Although the initial version of this patch series is targeting the > Chrome browser as its first user, it became evident during upstream > discussions that we would also want to ensure that the patch set > eventually is a complete solution for memory sealing and compatible > with other use cases. The specific scenario currently in mind is > glibc's use case of loading and sealing ELF executables. To this end, > Stephen is working on a change to glibc to add sealing support to the > dynamic linker, which will seal all non-writable segments at startup. > Once this work is completed, all applications will be able to > automatically benefit from these new protections. Is this work posted somewhere? Having a second - and more generally useful - user for this API would do a lot to show that the design is, in fact, right and useful beyond the Chrome browser. Thanks, jon