Leah Rowe <i...@minifree.org> wrote: > Hi everyone, > > I had an interesting idea for OpenBSD. Haven't tried it yet. I'm > wondering what other people think of it? The idea is, thus: > > 1) Do execution tracing and just run a program. Do everything possible > in it to the fullest extent feasible and get an entire log of the > trace. OpenBSD can do tracing: > > https://man.openbsd.org/dt > > https://man.openbsd.org/btrace > > https://blog.lambda.cx/posts/openbsd-dynamic-tracing/ > > 2) Write a program that scans for all system calls in the trace, > suggesting what pledge promises to use. See: > > https://man.openbsd.org/pledge.2 > > I call this idea "autopledge".
Additionally the two outcomes of this will be: 1. Don't call pledge in the program. 2. Use pledge("audio bpf chown cpath disklabel dns dpath drm error exec fattr flock getpw id inet mcast pf proc prot_exec ps recvfd route rpath sendfd settime stdio tape tmppath tty unix unveil video vminfo vmm wpath wroute", NULL); And 1 and 2 are different, subtle but important. We should write a program that looks at all conflict and finds a simple solution for world peace.