Fix pledge value when option is none

[walkr]

Calling pledge() has no effect.

I believe the equivalent cstring value when no promise is supplied, should be the empty string and not nil (otherwise nothing is restricted).

According to the manual:

A promises value of "" restricts the process to the _exit(2) system call. 
This can be used for pure computation operating on memory shared with another process.

[euantorano]

Hi,

The full documentation is as follows:

A promises value of "" restricts the process to the _exit(2) system call. This can be used for pure computation operating on memory shared with another process.
Passing NULL to promises or execpromises specifies to not change the current value.

The idea is that to pledge with the empty string (e.g. to restrict to only the _exit(2) system call) you would call pledge as follows:

pledge(some(""), none(string))

The ergonomics aren't ideal, but at the time this seemed to be the best way to handle both cases.

I'm wary of changing this behaviour in case it breaks some usage out in the wild, but it might be a good idea if this was documented in some way?

[walkr]

Thanks for your reply.

Indeed the ergonomics aren't ideal.

How about adding another enum value which resolves to the empty string? I don't know what would be an appropriate name in this context given the meaning of the word promise, but maybePromise.Nothing or Promise.None, then one could call

pledge(Promise.None)

without breaking existing usage. I'm also thinking Promise.Empty, but I'm not a fan of empty promises, although in this context if might just fit.

[euantorano]

Yeah, I think having an enum value like Promis.None might be slightly cleaner. Then if there is only a single promise provided and it is equal to None then we pledge with the empty string.