That seems a bit excessive to crash the program when all you may want to do
is track the exit of a child. Does the pledge proc flag dictate that you
can't do wait() as well?
Theo de Raadt wrote:
> > > > I think we should remove the check. It doesn't make sense, and it's
> > > > different
> > > > from other systems using kqueue. (I also had to work around it in
> > > > rebound,
> > > > where some code could be organized better if it weren't for the need to
> > > >
> > > I think we should remove the check. It doesn't make sense, and it's
> > > different
> > > from other systems using kqueue. (I also had to work around it in rebound,
> > > where some code could be organized better if it weren't for the need to
> > > call
> > > kevent before switching IDs.)
> > I think we should remove the check. It doesn't make sense, and it's
> > different
> > from other systems using kqueue. (I also had to work around it in rebound,
> > where some code could be organized better if it weren't for the need to call
> > kevent before switching IDs.)
>
> FreeBSD has
On Thu, 12 May 2016 12:07:43 -0400, "Ted Unangst" wrote:
> I think we should remove the check. It doesn't make sense, and it's different
> from other systems using kqueue. (I also had to work around it in rebound,
> where some code could be organized better if it weren't for the need to call
>
There is a permission check for EVFILT_PROC that is not documented. Actually,
it directly contradicts the documentation, which says you can watch any
process you can see. The documented behavior makes sense, since I could also
just run ps in a tight loop and get the same info, only less