At least it went through ktrace -di, with all flags tested, without opening any files.
Let's see what the crypto guys say :) On 12:12 Tue 30 Apr , Theo de Raadt wrote: > I am a bit sceptical, and worry that some internal function may > do something. > > > openssl ciphers doesn't seem to need to open any files to show the full > > list of > > ciphers, or manually selected so drop rpath from pledge. > > > > OK? > > > > Index: ciphers.c > > =================================================================== > > RCS file: /cvs/src/usr.bin/openssl/ciphers.c,v > > retrieving revision 1.9 > > diff -u -p -u -r1.9 ciphers.c > > --- ciphers.c 7 Feb 2018 05:47:55 -0000 1.9 > > +++ ciphers.c 30 Apr 2019 18:04:07 -0000 > > @@ -82,7 +82,7 @@ ciphers_main(int argc, char **argv) > > char *desc; > > > > if (single_execution) { > > - if (pledge("stdio rpath", NULL) == -1) { > > + if (pledge("stdio", NULL) == -1) { > > perror("pledge"); > > exit(1); > > } > > >