From: Vevy Kod Subject: Re: pledge/unveil for harec? To: Theo de Raadt Cc: ports@openbsd.org Date: Thu, 18 Jul 2024 21:39:24 +0200 On 18/07/2024 21:22, Theo de Raadt wrote: > Vevy Kod wrote: > >> 1. We do not need a good reason to reduce our attack surface. The >> likeliness of the scenarios we are preventing does not matter: those >> scenarios will become likely as soon as they become the easiest to >> exploit. > > What is the attack surface? Google is your friend. >> 2. It prevents unknowingly escalating a supply-chain attack. If a >> malware is somehow embedded in the compiler, it will be able to 1) >> read secret keys used by developers to sign binary packages, and 2) >> embed those secret keys in the compiler output (likely set for >> distribution). > > > If the compiler has malware, it will probably remove the unveil > and pledge. You are bullshitting. You don't seem to understand the rational of using unveil and pledge. Of course they can always be removed, but that doesn't go unnoticed.