On Sat, Oct 10, 2015 at 08:17:13AM +0200, Martijn van Duren wrote: > I am however curious to this patch. By pledging ksh with exec it appears to > me that once a pledged process is execve(2)d it looses it's already made > pledges. (how else could applications spawned from the shell and still get > their network interaction going?) This to me seems like something that might > be undesirable (find remote code execution->insert exec of application->do > some evil network activity) > Is above observation correct or am I missing something?
It's too early for this conversation. We're iteratively introducing pledge requests and refining them as we go. Right now, "exec" allows us to make progress in other areas and it's no worse than the default. We still have a lot of diffs left to commit and write. We'll come back to this and other parts of pledge.
