@kmeisthax This is going to break applications that use dlsym to look up symbols in libc though

@kmeisthax Like if you take this to its logical conclusion it’s just “applications should specify which system calls they use” which is literally just what pledge does and it’s enforced by the kernel and not in some weird ad-hoc IP to syscall number lookup scheme