If you're not dead, what happens? Pledge(2) violation is "easy", your program dies. Unveil is segmenting a filesystem. Filesystems have complicated semantics, and you don't actually want the program to die. There are nuances around: - libc used files - per-program known files - files provided by argv[] or configuration - filenames just known by a program - file names inside $HOME - the ability to create abstract trees using symbolic links. - the ability to change working directory and walk up and down.