Contributed by pitrh on from the pledged to unbreak dept.
Many will have observed that pledge(2) usage is being pushed into the source tree at a very rapid pace.
I'd like if everyone looks in their dmesg logs for pledge errors. But please don't immediately mail a report! Instead, look for if someone else reports an error in the same command. If noone else does within 24 hours, then please inform tech@, or myself and semarie@
We're doing the best we can to test every usage case of the programs we modify, but there are going to be some glitches, hopefully all found & fixed quickly.
Oh and what has pledge become? A very simple annotation system call a program can do, to tell the kernel what it will do henceforth. If it breaks the rules, it gets killed (and you see those pledge messages). It's a new kind of security system, just wait and see... :)
You heard the man: If you're already running snapshots or intending to start doing so, your reports will be much appreciated.
(Comments are closed)