Not useful for arbitrary file access Unveil isn't useful if the program needs to access arbitrary files throughout its execution. TZ/TERMCAP/TERM Can actually specify an arbitrary file - Thanks Unix! Opponent can use these to force you to open an arbitrary file Result is you can't effectively unveil without breaking program It would be nice to defang these, but is hard considering historical program behavior. This is on Theo's list of pet things to change in the world now...