Hacker News new | past | comments | ask | show | jobs | submit login

> Looking forward to checking out the new execpromises in pledge

Interesting that they just changed the interface from `int pledge(const char * promises, const char * paths[]);` to `int pledge(const char * promises, const char * execpromises);`. I guess that is the power they have by being a BSD and integrated system, they do not worry about userland compatibility.




The pledge(2) manpage for 6.2 and earlier states:

"BUGS. The path whitelist feature is not available at this time."

So the second argument was previously unused, and thus could be repurposed without hurting backwards compatability.


zokier's point is still correct though. OpenBSD is a complete system, kernel + userland. You upgrade in lockstep.




Consider applying for YC's Spring batch! Applications are open till Feb 11.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: