>> > Unfortunately systrace overhead can be significant for monitoring >> > complex programs but it could potentially be useful as a part of a >> > (HIPS or system intrusion or malfunction detection for a secure >> > server). hmmm, assuming pledge doesn't kill the offending process first, >> > haha. >> >> systrace and pledge did not work together. So that's balony. > >how do you mean? what happens on 5.9 when you use systrace with pledged >programs? Does cpu usage go through the roof by any chance? That would >explain why I have had to disable it to avoid waiting so long for >systraced desktop programs.
it is not important. systrace was effectively deprecated 4-10 years ago, when there stopped being a maintainer for it, or the broken ecosystem surrounding. That was a gap needed to consider a replacement model. What do you want here?