On Sat, Jun 08 2019, Stuart Henderson <s...@spacehopper.org> wrote: > On 2019/06/08 13:15, Jeremie Courreges-Anglas wrote: >> Naive question: should sysctl(8) be pledged? I'm not objecting but >> I wonder what we are trying to protect us from, here. > > AFAIK it can't be done because pledge always restricts which sysctl nodes > may be accessed.
Duh, I'll blame it on coffee deprivation... What I had in mind was: "Naive question: should sysctl(8) use unveil(2)?" Sorry about that. -- jca | PGP : 0x1524E7EE / 5135 92C1 AD36 5293 2BDF DDCC 0DFA 74AE 1524 E7EE
