I don’t think MPK’s will fit the need I have. Simply: Run some arbitrary, untrusted, non-sandboxed code in the same thread with assurance it can’t read page X. When that code completes and I’m back in code I trust, X is readable again.

Is that something MPK makes possible? The doc I’ve read suggests either your process can flip permission bits or it can’t. Great for avoiding out-of-sandbox reads. But if there’s arbitrary execution happening, why can’t that code flip the access to secrets back on?