On Tue, Nov 01, 2022 at 12:14:34AM +0100, Jeremie Courreges-Anglas wrote: > tl;dr : the pledge(2) promises looks reasonable to me. While > I initially found that three pledge(2) was too much, I must admit > that all of them tighten the program execution before looking at > untrusted data. For the first call pledge(2), one could argue that the > program environment is hardly untrusted data, but past problems like > shellshock have proved this assumption wrong. The second pledge(2) call > is the least useful IMO, since it only drops "tty" before reading data > from files. But I feel strongly about dropping it.
> As suspected ministat fails to build on sparc64 (base-gcc) because it > uses math.h functions but doesn't link against libm. Thanks kmos@ for > confirming, suggesting the fix and testing it! > This looks ready to import. ok? ok kmos to import --Kurt
