Yes. That's awesome! I was referring to the OpenBSD devs trying to hack pledges ... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		dbt00 on Sept 15, 2021 \| parent \| context \| favorite \| on: OpenBSD's Pledge and Unveil from Python Yes. That's awesome! I was referring to the OpenBSD devs trying to hack pledges into other people's software by trying to guess what capabilities it needs while porting. That's not a good thing to try to do -- see also all the various attempts at guessing seccomp profiles in the Linux world, which has the same problem.

ben_bai on Sept 15, 2021 | [–]

Has been done to some 3rd party applications. Notably Chromium is pledged an unveiled, Firefox (unveil), pdf readers, compression tools, mail clients, ...

grep the ports tree for pledge patches.

gavinhoward on Sept 15, 2021 | [–]

I see what you mean now, and I think you are completely correct in that!

Consider applying for YC's Summer 2026 batch! Applications are open till May 4
Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact