> 1. Does it make sense to add SIOCGIFHARDMTU (and maybe SIOCGIFMTU too)
> to pledge("route")?No, I don't think so. Set it ahead of time. (In particular, you've failed to ask the two required questions: If this is capability is added to all programs that use "route", what is that list of programs? If one of them gets subverted, what danger can it cause? You didn't ask those questions, but only thought of your use case. The answer to your use case, it appears, may be to remove pledge just copy of the program. Feel better now? No, I doubt it...)
