On Tue, 08 Feb 2022 19:37:26 -0600, Scott Cheloha wrote:
> - pledge(2) initially with "stdio rpath" at the top of main().
> We know we need to read a file at this point but don't yet
> know which one.
>
> - pledge(2) down to "stdio" after we have opened the file
> in question and called
The look(1) program needs to open(2) and fstat(2) exactly one file
during its runtime. Using unveil(2) seems like overkill here.
This seems closer to what we want:
- pledge(2) initially with "stdio rpath" at the top of main().
We know we need to read a file at this point but don't yet
know
