Example: mkdir.c main(int argc, char *argv[]) { int ch; + if (pledge("stdio cpath rpath wpath fattr", NULL)==-1) + err(1, "pledge"); [rest of program] - Can do things "like stdio" - Can manipulate paths - "fattr" for -p option - Will not open sockets, pass file descriptors, ioctl etc