OpenBSD's pledge is intentionally designed to be simple and easy to add to projects. It's still more granular than I expected: there are several different network permissions, and even a separate permission for tape drives!
miniblog.
Related Posts
I've learnt a surprising amount by looking at how other people are packaging my difftastic project!
(1) A local copy of the manual doesn't have the version (OpenBSD packaging fixes this).
(2) One of my dependencies has been yanked (Void Linux packaging fixes this).
Reading the beta 4 release notes for Haiku R1, it's striking how much work it is to support modern WiFi protocols: https://www.haiku-os.org/get-haiku/r1beta4/release-notes/
Previously, 802.11ac was only supported on Linux and OpenBSD! (Ignoring proprietary operating systems)
41
pledge() and unveil() are gradually being adopted by operating systems other than OpenBSD: