Basic use of unveil Consider OpenBSD's users(1) command: Reads the utmp file.. Does a bunch of string parsing to find out users of system. ... if (unveil(_PATH_UTMP, "r") == -1) err(1, "unveil"); if (pledge("stdio rpath", NULL) == -1) err(1, "pledge"); while ((ch = getopt(argc, argv, "")) != -1) ... The unveil call restricts the program to only read access to the utmp file. The pledge call immediately afterwards removes the ability for further unveils. (We could have used unveil(NULL,NULL) if we were not using pledge)