> it is not important. > > systrace was effectively deprecated 4-10 years ago, when there stopped > being a maintainer for it, or the broken ecosystem surrounding. > > That was a gap needed to consider a replacement model. > > What do you want here?
I guess nothing important. I am happy with pledge (I love it) as a replacement. I was simply wondering what the potential dangers are for my web server that utilises systrace on 5.9 along with newly pledged base processes and a few port processes, currently it appears to be working fine, perhaps it's performance has sufferred but I haven't noticed. I guess it takes hundreds of syscalls to notice and I will simply switch to pledge when performance requirements demand my time which I hope will happen within 6 months ;) . I already had plans to move to a potentially custom pledged c binary (if my use case can be more restricted) and a nicer and lighter system anyway. So thanks for the hard work. -- KISSIS - Keep It Simple So It's Securable