Theo de Raadt <[email protected]> wrote:

> I really disagree with this direction.
>
> pledge is not a thing that users should be able to tweak.
>
> The pledge arguments, and more specifically the PLACES where the pledge
> calls happen and the code restructuring to do things before pledge and
> after pledge, is an innate property of the code. USERS CANNOT AND SHOULD
> NOT TOUCH THIS!
>
> We don't have a /etc/bgpd/pledge.config file.
>
> Regarding unveil, I think it is also becoming a problem, because with the
> recent /dev/null change the system demands a change in the unveils, but they
> are now in a user-modified file.
>
> Robert originally did it this way during pledge, and later unveil, as an
> early development process but I don't think it makes sense anymore.
>
> The flexibility you are proposing here is simply dangerous.

"Hi ports, I demand better security so I put "stdio" into the pledge configuration file and now nothing works. Please help."
