Thereby raising other issues which arguably we should fix (Issues are filed). It’s less easy.
There’s also the question of multiple users, e.g. on shared system running as themselves.
As I understand it, the weak scrambling is also meant to help protect from malware scans.
They might not be polite enough to stay out of SYSTEM. Anyway, agree other paths exist.
Solidify SQLite dependencies #4024 points out that Linux uses the distro-installed SQLite,
and this gums up both the currently scrambling and what we can count on being available.
Kind of off-topic for Kestrel, but it’d be nice to start thinking about how to protect secrets…
Current scheme isn’t great, and there are Issues and talk of better ways to do this anyway.
Point taken.