Less basic use of unveil (continued)

Immediately following our unveil, we pledge..

if (family == AF_UNIX) {
  if (pledge("stdio rpath wpath cpath tmppath unix", NULL) == -1)
    err(1, "pledge");
} else if (Fflag && Pflag) {
  if (pledge("stdio inet dns sendfd tty", NULL) == -1)
    err(1, "pledge");
} else if (Fflag) {
  if (pledge("stdio inet dns sendfd", NULL) == -1)
    err(1, "pledge");
} else if (Pflag && usetls) {
  if (pledge("stdio rpath inet dns tty", NULL) == -1)
    err(1, "pledge");
} else if (Pflag) {
  if (pledge("stdio inet dns tty", NULL) == -1)
    err(1, "pledge");
} else if (usetls) {
  if (pledge("stdio rpath inet dns", NULL) == -1)
    err(1, "pledge");
} else if (pledge("stdio inet dns", NULL) == -1)
    err(1, "pledge");

We have a different pledge for each blade of the knife.

Result: harder to usefully compromise.