On 11 Oct 2017 at 18:49 +0200, Theo de Raadt <dera...@openbsd.org>, wrote:
> > What does that mean ?...
>
> It means you cannot pledge big pieces of software that perform
> arbitrary magic. Learn the magic, change the magic.

Sure :)

So the solution:

The first time a go program uses a socket, the go runtime does some probes to check for the IP capabilities of the host system. For example, the runtime checks that the system supports mapping IPv4 in IPv6. See ipsock.go and ipsock_posix.go in golang source.

The checks involve a call to SetsockoptInt(s, syscall.IPPROTO_IPV6, syscall.IPV6_V6ONLY, …)

That call is forbidden by pledge.

So the trick is to create a dummy socket (with net.Dial) *before* the call to pledge. That way the probes get executed once before pledge, and never get executed after.

Regards,
Stephane
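A Go sketch of the trick described in the reply, added here as an example and not code from the thread. The pledge(2) call is passed in as a function so the sample builds on any platform; on OpenBSD you would pass unix.Pledge from golang.org/x/sys/unix (its promises/execpromises signature is assumed). The warm-up uses a loopback listener plus net.Dial, which reaches the same runtime probe path as an outbound dial.

```go
package main

import (
	"fmt"
	"net"
)

// PledgeFunc mirrors the assumed signature of unix.Pledge from
// golang.org/x/sys/unix: pledge(promises, execpromises).
type PledgeFunc func(promises, execpromises string) error

// netProbesWarmed records that the runtime's IP stack probes have run.
var netProbesWarmed bool

// warmNetProbes opens and closes a dummy loopback socket so the Go runtime
// performs its one-time IP capability probes (the IPV6_V6ONLY setsockopt in
// ipsock_posix.go) now, while the probe is still allowed. The runtime caches
// the result, so later sockets never repeat the forbidden call.
func warmNetProbes() error {
	ln, err := net.Listen("tcp", "127.0.0.1:0") // constructed: ephemeral loopback listener
	if err != nil {
		return err
	}
	defer ln.Close()
	c, err := net.Dial("tcp", ln.Addr().String())
	if err != nil {
		return err
	}
	netProbesWarmed = true
	return c.Close()
}

// Sandbox enforces the ordering the post describes: dummy socket first,
// pledge second. Swapping the two would have the first real socket trip the
// setsockopt probe after pledge, which pledge does not permit.
func Sandbox(pledge PledgeFunc, promises string) error {
	if err := warmNetProbes(); err != nil {
		return fmt.Errorf("warming net probes: %w", err)
	}
	if err := pledge(promises, ""); err != nil {
		return fmt.Errorf("pledge: %w", err)
	}
	return nil
}

func main() {
	// On OpenBSD: Sandbox(unix.Pledge, "stdio inet"). Here a stub just logs.
	stub := func(p, _ string) error { fmt.Println("pledge:", p); return nil }
	if err := Sandbox(stub, "stdio inet"); err != nil {
		panic(err)
	}
	fmt.Println("probes warmed before pledge:", netProbesWarmed)
}
```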