After studying unveil and pledge, I am quite confused and get more close to believe the ironic slogan that #openbsd advertises: security by default . 😂
unveil and pledge are only implemented on the code level which means it’s easy to make them in your own programs (and the software that you are extremely familiar).
How about a bunch of third-party software you use daily even though they are open source? i bet none of you read through the source of the software you use.
@mdrights security by default is not about pledge & unveil only. It is about default file system structure, OS architecture decisions, randomization, and configs that are turned on by default.
BTW, pledge/unveil are patched to many 3rd party software by openbsd team. Specially if the software is both heavily used by obsd users and is often attacked. For example firefox, chrome, or nginx, to name a few.
Fosstodon is an English speaking Mastodon instance that is open to anyone who is interested in technology; particularly free & open source software.