x/sys/unix: pledge_openbsd.go lacks a function to pass nil for both promises and execpromises #36638
Description
What version of Go are you using (go version)?
$ go version go version go1.13.1 openbsd/amd64
Does this issue reproduce with the latest release?
Yes.
What operating system and processor architecture are you using (go env)?
go env Output
$ go env GO111MODULE="" GOARCH="amd64" GOBIN="" GOCACHE="/home/redacted/.cache/go-build" GOENV="/home/redacted/.config/go/env" GOEXE="" GOFLAGS="" GOHOSTARCH="amd64" GOHOSTOS="openbsd" GONOPROXY="" GONOSUMDB="" GOOS="openbsd" GOPATH="/home/redacted/go" GOPRIVATE="" GOPROXY="https://proxy.golang.org,direct" GOROOT="/usr/local/go" GOSUMDB="sum.golang.org" GOTMPDIR="" GOTOOLDIR="/usr/local/go/pkg/tool/openbsd_amd64" GCCGO="gccgo" AR="ar" CC="cc" CXX="c++" CGO_ENABLED="1" GOMOD="" CGO_CFLAGS="-g -O2" CGO_CPPFLAGS="" CGO_CXXFLAGS="-g -O2" CGO_FFLAGS="-g -O2" CGO_LDFLAGS="-g -O2" PKG_CONFIG="pkg-config" GOGCCFLAGS="-fPIC -m64 -pthread -fno-caret-diagnostics -Qunused-arguments -fmessage-length=0 -fdebug-prefix-map=/tmp/go-build858990023=/tmp/go-build -gno-record-gcc-switches"
What did you do?
Passing nil to promises or execpromises prevents that value from being changed in the future (see pledge(2). I wanted to prevent both promises and execpromises from being further modified.
What did you expect to see?
For there to be a function to pass nil for both promises and execpromises, akin to unveil_openbsd.go's UnveilBlock().
What did you see instead?
Currently, to prevent future modification of promises and execpromises, you need to call PledgePromises(), which locks down execpromises, followed by PledgeExecpromises(), which locks down promises.
This is rather unwieldy and requires you to re-specify your current promises and execpromises (as passing "" to the above 2 functions would limit you to only being able to call _exit(2)).