Theo de Raadt wrote:
> > Luke Small wrote:
> > > What if I want to prevent a process from forking while I want to create
> > > new EVFILT_PROC events? Say, to accept the pid of a sibling fork from a
> > > pipe and load it into a kqueue. Is there a reason why waitpid() isn't
> > > beholden to this, or is there a reason that EVFILT_PROC is?
> >
> > wait() is a less powerful syscall than kevent().
>
> indeed, EVFILT_PROC lets you observe processes other than your own
> children.
>
> that way far outside "stdio", you are reasoning about processes in general,
> so of course you need pledge "proc".

I should also clarify a bit. wait() only works for processes you've created with fork(), which requires "proc". There's good reason to allow you to watch for a child's exit much later, but without the ability to fork again. Also, kevent allows exactly this setup with the same set of pledges. After calling fork() is when you attach the kevent for the child. Then you drop "proc" and can continue to receive notifications about child exits. Using kevent() in the same way as wait() requires exactly the same pledge.
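
The sequence described in the message above (fork, attach the kevent, drop "proc", keep receiving the exit notification), as an added example that is not part of the original message. It assumes OpenBSD; the function name `watch_child_without_proc`, the pipe used to hold the child alive until the filter is attached, and the `UNSUPPORTED` stub for other systems are choices made for this illustration.

```c
/* Added example: OpenBSD only (pledge(2), kqueue(2)). */
#include <sys/types.h>
#include <stdio.h>
#include <unistd.h>
#define UNSUPPORTED (-2)  /* assumption: returned when not built on OpenBSD */
#ifdef __OpenBSD__
#include <sys/event.h>
#include <sys/time.h>
/* Returns 1 if the child's exit was seen after "proc" was dropped, -1 on error. */
int watch_child_without_proc(void)
{
    struct kevent kev;
    int kq, gate[2];
    char c;
    pid_t pid;

    if (pledge("stdio proc", NULL) == -1 || pipe(gate) == -1)
        return -1;
    if ((kq = kqueue()) == -1 || (pid = fork()) == -1)
        return -1;
    if (pid == 0) {
        /* Child: stay alive until the parent closes its end of the pipe. */
        close(gate[1]);
        (void)read(gate[0], &c, 1);
        _exit(0);
    }
    close(gate[0]);
    /* Attach the exit filter right after fork(), while "proc" is still held. */
    EV_SET(&kev, pid, EVFILT_PROC, EV_ADD, NOTE_EXIT, 0, NULL);
    if (kevent(kq, &kev, 1, NULL, 0, NULL) == -1)
        return -1;
    /* Drop "proc": fork() is no longer permitted from here on. */
    if (pledge("stdio", NULL) == -1)
        return -1;
    close(gate[1]);  /* release the child so it exits */
    /* The event registered earlier is still delivered under "stdio". */
    if (kevent(kq, NULL, 0, &kev, 1, NULL) != 1)
        return -1;
    return (pid_t)kev.ident == pid && (kev.fflags & NOTE_EXIT) ? 1 : 0;
}
#else
int watch_child_without_proc(void) { return UNSUPPORTED; }
#endif

int main(void)
{
    printf("result: %d\n", watch_child_without_proc());
    return 0;
}
```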

