> @chaz I think it might be better to get these patches upstreamed to make
> sure they are working correctly in all setups.
I disagree. Before pledge/unveil patches are added to the ports tree they need to be properly reviewed and tested. This applies even more so for upstreaming them. Failing to do that diligently, we would then have to add patches to remove/fix such patches and then bother upstream again. While adding pledge to ports is great fun and all, and it may even be worthwhile, the process should really be to land them in our ports tree first and only upstream them once we are fully confident, if at all.