Hi everyone,
I had an interesting idea for OpenBSD. Haven't tried it yet. I'm wondering what other people think of it? The idea is, thus: 1) Do execution tracing and just run a program. Do everything possible in it to the fullest extent feasible and get an entire log of the trace. OpenBSD can do tracing: https://man.openbsd.org/dt https://man.openbsd.org/btrace https://blog.lambda.cx/posts/openbsd-dynamic-tracing/ 2) Write a program that scans for all system calls in the trace, suggesting what pledge promises to use. See: https://man.openbsd.org/pledge.2 I call this idea "autopledge". PS: I initially proposed this on IRC, but I was told that the IRC channel is mostly for user support, so I thought it best to discuss here. -- Leah Rowe
