On Fri, Sep 08, 2023 at 08:55:10AM -0300, Lucas de Sena wrote:
[...]
> Quoting from `xenocara/app/xclock/xclock.c`:
>
> > {
> > /* force reading of XErrorDB into memory to avoid adding "rpath" to
> >pledge below */
> > char buf[1];
> >
> >
Sebastien Marie writes:
> For me, you are pledging too early (before initialization).
I agree with everything you said regarding pledge(2) technique,
including this statement, but it is worth remembering that the list
of promises can be narrowed later with another pledge call.
It's very
On 2023-09-08, Sebastien Marie wrote:
> "rpath" is a bit odd in xeyes(1) normal behaviour (but it will be required on
> X11 error, as if I remember well, error codes are "translated" to message by
> reading some file).
Exactly. X11 reads the error database `/usr/X11R6/share/X11/XErrorDB`
if it
On Thu, Sep 07, 2023 at 11:30:11PM -0400, Thomas Frohwein wrote:
> Very basic pledge(2) for the whole program. I didn't dive too much into
> the details and maybe this can be refined some more. This is kind of a
> product of me trying a tool I made `abstain` [1] for usefulness of
> pledge(2)
On Thu, Sep 07, 2023 at 11:30:11PM -0400, Thomas Frohwein wrote:
> Very basic pledge(2) for the whole program. I didn't dive too much into
> the details and maybe this can be refined some more. This is kind of a
> product of me trying a tool I made `abstain` [1] for usefulness of
> pledge(2)
Very basic pledge(2) for the whole program. I didn't dive too much into
the details and maybe this can be refined some more. This is kind of a
product of me trying a tool I made `abstain` [1] for usefulness of
pledge(2) execpromises and it helped quickly find that xeyes(1) can run
with a very
