Thank you for your answer! On 6 oct. 2017 à 20:13 +0200, Theo de Raadt <dera...@openbsd.org>, wrote: > > I'm trying to use pledge to protect a go program. > > > > The exec aborts with abort trap: core dump > > > > Ktrace and /var/log/messages say that the __set_tcb > > syscall is denied. > > > > Can I configure pledge to allow such syscall ? > > In post-6.2, this is now allowed. It wasn't allowed earlier > due to an oversight.
After recompiling the kernel with STABLE 6.2, no such problem anymore. > > (Same question for mlock and mlockall) > > Uhm, those are not going to be allowed. They are precisely the > type of operations you should do before pledge. Ok, makes sense to set up the memory protection before indeed. Now I got another problem: - golang tries to set default socket options (see sockopt_bsd.go in go source) such as: syscall.SetsockoptInt(s, syscall.IPPROTO_IPV6, syscall.IPV6_V6ONLY, boolint(ipv6only)) - Boom, core dump with pledge. - And pledge source code has that cute « notyet » thingie: 1282 #ifdef notyet 1283 case IPV6_V6ONLY: 1284 #endif What does that mean ?... Regards, Stephane
