Theo de Raadt wrote:

> After pledge, 80% of the base programs were converted to pledge-assisted priv-drop, because it was really obvious that "initialization code" could and should be moved earlier in the program, so that pledge (or multiple pledge calls dropping permissions further) could be added to the program.

Inside the group, we called this moving of initialization code to earlier "hoisting". Hoisting and cleanup can have very large benefits independent of implementing pledge or other security features. I have seen programs shrink by almost 90% and gain functionality as a result. In one case it -was- a program which ran with privileges equivalent to root. As a byproduct of the cleanup we were later able to assure ourselves that the result needed no more changes to be as secure as we could make it.

geoff steckel
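
The hoisting pattern discussed in this thread, as an added example that is not part of either message and is not OpenBSD's own code: every file the program needs is opened in one early phase, then `pledge("stdio", NULL)` is called, and only then is input processed. The names `DROP`, `init_resources`, `count_lines` and `run` are hypothetical, and the non-OpenBSD branch of `DROP` is a stand-in that enforces nothing.

```c
#include <stdio.h>
#include <string.h>
#include <unistd.h>

#ifdef __OpenBSD__
#define DROP(promises) pledge((promises), NULL)
#else
/* Assumption: stand-in so the sketch builds off OpenBSD; it enforces nothing. */
#define DROP(promises) ((void)(promises), 0)
#endif

/* Phase 1 (hoisted): every open the program will ever need happens here. */
static int init_resources(const char *in_path, const char *out_path,
    FILE **in, FILE **out)
{
	*in = fopen(in_path, "r");
	*out = (*in != NULL) ? fopen(out_path, "w") : NULL;
	if (*in != NULL && *out != NULL)
		return 0;
	if (*in != NULL)
		fclose(*in);
	return -1;
}

/* Phase 2: runs under "stdio" only and touches just the open streams. */
static long count_lines(FILE *in, FILE *out)
{
	char buf[512];
	long n = 0;
	while (fgets(buf, sizeof(buf), in) != NULL)
		if (strchr(buf, '\n') != NULL)
			n++;
	fprintf(out, "%ld\n", n);
	return n;
}

/* Returns the line count, or -1 if initialization or the drop failed. */
long run(const char *in_path, const char *out_path)
{
	FILE *in, *out;
	long n = -1;
	if (init_resources(in_path, out_path, &in, &out) == -1)
		return -1;
	if (DROP("stdio") != -1)	/* no new opens are possible past this point */
		n = count_lines(in, out);
	fclose(in);
	fclose(out);
	return n;
}
```

If an `fopen` were left inside `count_lines`, the kernel would kill the process under `"stdio"` on OpenBSD, which is what makes un-hoisted initialization easy to find.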