OpenBSD's new pledge() system call which can be used to disable all but
the given groups of Unix syscalls for the remainder of the life of the
current process (e.g. programs that don't use the network can disable
all socket operations).
That is indeed very interesting. It has 31 groups, though, for 2^31
possibilities. It must have been a bitch to implement.
Perhaps you intended to make a similar argument in this
thread, John? That the SRFI provides a simple protection that is worth
its small cost and should be combined with other precautions.
I have added such language now.