Lots of ways to establish a persistent presence with a short time life key, especially if it is in env or a file it is trivial to find.

In theory the Linux kernel keyring would help here, even with a tsm or in conjunction with it.

Unfortunately as the industry abandoned the core Unix permission system (uid/gid) all of these methods just get a devfs[null] bind mount.

Only process that also support the traditional co-hosting model like nginx and Postgres do.

We would need nonce keys to gain no value from kernel memory or hardware storage.