pledge execpromises

2017-12-11 Thread Theo de Raadt
Here is a demonstration diff using pledge execpromises in crontab, regarding the running of $EDITOR. I hacked it together in 20 minutes, so it may have bugs. First off an aside -- something which stands in the way a little and needs to be fixed. Most folk don't use $EDITOR or $VISUAL and a

pledge execpromises

2017-12-11 Thread Theo de Raadt
This will probably be committed in the next day or so. The 2nd argument of pledge() becomes execpromises, which is what will get activated after execve. There is also a small new feature called "error", which causes violating system calls to return -1 with ENOSYS rather than killing the process.