On Tue, Jan 17, 2017 at 6:05 AM, Jordon <open...@sirjorj.com> wrote: > What is the “official" way to pledge(2) a portable program?
OpenSSH Portable checks for the presence of pledge in configure (https://anongit.mindrot.org/openssh.git/tree/configure.ac#n1715) and if not found defines a no-op pledge function (https://anongit.mindrot.org/openssh.git/tree/openbsd-compat/bsd-misc.c#n282) The advantage of doing it this way is that the mainline code is unchanged and so does not add additional maintenance burden (ie merge conflicts). It also provides a hook for alternative implementation mechanisms although there are no drop-in replacements at the moment. -- Darren Tucker (dtucker at zip.com.au) GPG key 11EAA6FA / A86E 3E07 5B19 5880 E860 37F4 9357 ECEF 11EA A6FA (new) Good judgement comes with experience. Unfortunately, the experience usually comes from bad judgement.