Sorry for disappearing. Thanks for pointing out the VCS popen. Below is a draft that incorporates your suggestions. Let me know if it's too fine-grained. My thought was that it's ideal to drop exec as early as possible.
Index: Makefile =================================================================== RCS file: /cvs/ports/textproc/the_silver_searcher/Makefile,v retrieving revision 1.19 diff -u -p -r1.19 Makefile --- Makefile 9 Oct 2015 12:48:22 -0000 1.19 +++ Makefile 29 Jan 2016 21:12:05 -0000 @@ -4,6 +4,7 @@ COMMENT = code searching tool, with a fo DISTNAME = the_silver_searcher-0.31.0 CATEGORIES = textproc +REVISION = 0 HOMEPAGE = https://github.com/ggreer/the_silver_searcher MAINTAINER = Florian Stinglmayr <flor...@n0la.org> Index: patches/patch-src_main_c =================================================================== RCS file: patches/patch-src_main_c diff -N patches/patch-src_main_c --- /dev/null 1 Jan 1970 00:00:00 -0000 +++ patches/patch-src_main_c 29 Jan 2016 21:12:05 -0000 @@ -0,0 +1,24 @@ +$OpenBSD$ +--- src/main.c.orig Sun Sep 6 00:29:27 2015 ++++ src/main.c Fri Jan 29 16:01:04 2016 +@@ -35,6 +35,9 @@ int main(int argc, char **argv) { + int workers_len; + int num_cores; + ++ if (pledge("stdio rpath proc exec", NULL) == -1) ++ die("pledge: %s", strerror(errno)); ++ + set_log_level(LOG_LEVEL_WARN); + + work_queue = NULL; +@@ -156,6 +159,10 @@ int main(int argc, char **argv) { + log_debug("No CPU affinity support."); + #endif + } ++ ++ if (pledge("stdio rpath", NULL) == -1) ++ die("pledge: %s", strerror(errno)); ++ + for (i = 0; paths[i] != NULL; i++) { + log_debug("searching path %s for %s", paths[i], opts.query); + symhash = NULL; Index: patches/patch-src_options_c =================================================================== RCS file: patches/patch-src_options_c diff -N patches/patch-src_options_c --- /dev/null 1 Jan 1970 00:00:00 -0000 +++ patches/patch-src_options_c 29 Jan 2016 21:12:05 -0000 @@ -0,0 +1,23 @@ +$OpenBSD$ +--- src/options.c.orig Sun Sep 6 02:20:35 2015 ++++ src/options.c Fri Jan 29 16:07:02 2016 +@@ -574,6 +574,9 @@ void parse_options(int argc, char **argv, char **base_ + } + } + ++ if (opts.skip_vcs_ignores && pledge("stdio rpath proc", NULL) == -1) ++ die("pledge: %s", strerror(errno)); ++ + if (help) { + usage(); + exit(0); +@@ -632,6 +635,9 @@ void parse_options(int argc, char **argv, char **base_ + pclose(gitconfig_file); + } + } ++ ++ if (pledge("stdio rpath proc", NULL) == -1) ++ die("pledge: %s", strerror(errno)); + + if (opts.context > 0) { + opts.before = opts.context;
