On Sun, November 22, 2015 4:23 pm, Theo de Raadt wrote: > That diff is completely wrong. > > The addition of "prot_exec" to a pledge should result in some > significant questions. > > You can't pledge a program if you don't understand what it is doing, > and why. > > Misapplication of pledge like this will result in a nightmare. > > >> > I haven't seen much discussion about applying pledge to ports, so I >> > thought I'd >> > find out how people feel about it. >>
So I'm reading that as "Yes, but only if you know what you're doing." >> > I can see downsides to this such as, ports maintainers not necessarily >> being >> > involved in the development of the port and having a lower >> understanding >> > of the >> > code as compared to OBSD developers with base code I guess I fell into my own caveat. Also, thanks for the additional pointers off-list. Tim.
