On 2026/03/25 20:48, Christoph Liebender wrote: > On 3/25/26 20:14, Stuart Henderson wrote: > > reads ok, *if* the patch to use unveil has been tested on recent > > -current > > I build and use mollysocket with this patch on -stable with the latest > patches - I assume that includes relevant changes to unveil as well?
It does not, only the bigger problems were addressed in -stable. -current has further changes. > > > ++ for rpath in [ > > > ++ "/dev/urandom", yuk, really? no arc4random (or at least getentropy)?
