>In my use-case, the program's correct functionality is less important than ensuring that the program cannot break out.
Astounding. It's like you don't see correct execution environment for a program as THE foundational aspect of security; while at the same time this rests on the assumption that unveil and pledge are correct code. So some stuff has to be correct, but other stuff doesn't, and then the handwaving begins. I'm done talking about this.

