> Create a tmpfs, create the necessary directory tree inside it, bind-mount each whitelisted path in the tmpfs to the real file, then pivot_root into the tmpfs
You've made an excellent case for pledge("rpath", ["/dev/null"]);
I am saying we can and should have a library that offers that interface, yes, but that having the lower-level building blocks available is also important.
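The procedure quoted at the top of this thread (tmpfs, directory tree, one bind mount per whitelisted path, pivot_root), written out as an added example in C. It is not code from the original discussion or from any of its participants. It assumes unprivileged user namespaces are enabled so it runs without root, uses /tmp as the directory the tmpfs is mounted over, and adds two checks the quote does not mention: whitelist entries must be absolute, canonical paths (a ".." component would let a target escape the tmpfs tree), and an entry that does not exist on the host fails closed instead of silently leaving a gap. All function names are the example's own.

```c
#define _GNU_SOURCE
#include <errno.h>
#include <fcntl.h>
#include <limits.h>
#include <sched.h>
#include <stdio.h>
#include <string.h>
#include <sys/mount.h>
#include <sys/stat.h>
#include <sys/syscall.h>
#include <sys/wait.h>
#include <unistd.h>

#ifndef CLONE_NEWNS                      /* in case _GNU_SOURCE was not in effect */
#define CLONE_NEWNS   0x00020000
#define CLONE_NEWUSER 0x10000000
#endif
int unshare(int flags);

/* A whitelist entry must be an absolute, canonical path: anything relative, a "." or
 * ".." component, "//" or a trailing "/" could resolve outside the tmpfs tree. */
static int allow_path_ok(const char *p)
{
    if (p == NULL || p[0] != '/' || strlen(p) < 2 || p[strlen(p) - 1] == '/') return 0;
    for (const char *s = p; *s; ) {                         /* s always points at a '/' */
        const char *e = strchr(s + 1, '/');
        size_t len = e ? (size_t)(e - s - 1) : strlen(s + 1);
        if (len == 0 || (len == 1 && s[1] == '.') || (len == 2 && s[1] == '.' && s[2] == '.')) return 0;
        s = e ? e : s + 1 + len;
    }
    return 1;
}

static int path_exists(const char *p) { struct stat st; return stat(p, &st) == 0; }

static int write_str(const char *path, const char *s)
{
    int fd = open(path, O_WRONLY);
    if (fd < 0) return -1;
    ssize_t w = write(fd, s, strlen(s));
    close(fd);
    return w == (ssize_t)strlen(s) ? 0 : -1;
}

/* Create "<root><path>" as a bind-mount target: every parent directory, then a leaf that
 * is a directory if the real path is one and an empty file otherwise. An entry that does
 * not exist on the host fails closed (-1, errno set) rather than being skipped. */
static int prepare_mount_point(const char *root, const char *path)
{
    char buf[PATH_MAX];
    struct stat st;
    if (stat(path, &st) != 0) return -1;
    if (snprintf(buf, sizeof buf, "%s%s", root, path) >= (int)sizeof buf) { errno = ENAMETOOLONG; return -1; }
    for (char *s = buf + 1; *s; s++) {                      /* mkdir -p on every prefix */
        if (*s != '/') continue;
        *s = '\0';
        if (mkdir(buf, 0755) != 0 && errno != EEXIST) return -1;
        *s = '/';
    }
    if (S_ISDIR(st.st_mode)) return (mkdir(buf, 0755) == 0 || errno == EEXIST) ? 0 : -1;
    int fd = open(buf, O_WRONLY | O_CREAT, 0644);
    if (fd < 0) return -1;
    close(fd);
    return 0;
}

/* Unshare user+mount namespaces, mount a tmpfs on `root`, bind each whitelisted path
 * into it read-only, then pivot_root into the tmpfs and detach the old root. */
static int sandbox_enter(const char *root, const char *const *allow, size_t n)
{
    char buf[PATH_MAX], map[64];
    for (size_t i = 0; i < n; i++)
        if (!allow_path_ok(allow[i])) { errno = EINVAL; return -1; }
    /* A user namespace grants CAP_SYS_ADMIN over the fresh mount namespace. */
    if (unshare(CLONE_NEWUSER | CLONE_NEWNS) != 0) return -1;
    snprintf(map, sizeof map, "%u %u 1\n", (unsigned)getuid(), (unsigned)getuid());
    if (write_str("/proc/self/setgroups", "deny") != 0 || write_str("/proc/self/uid_map", map) != 0) return -1;
    snprintf(map, sizeof map, "%u %u 1\n", (unsigned)getgid(), (unsigned)getgid());
    if (write_str("/proc/self/gid_map", map) != 0) return -1;
    /* Keep our mounts from propagating back into the parent namespace. */
    if (mount(NULL, "/", NULL, MS_REC | MS_PRIVATE, NULL) != 0) return -1;
    if (mount("tmpfs", root, "tmpfs", MS_NOSUID | MS_NODEV, "mode=755") != 0) return -1;
    for (size_t i = 0; i < n; i++) {
        if (prepare_mount_point(root, allow[i]) != 0) return -1;
        snprintf(buf, sizeof buf, "%s%s", root, allow[i]);
        if (mount(allow[i], buf, NULL, MS_BIND | MS_REC, NULL) != 0) return -1;
        /* MS_RDONLY is ignored on the bind itself; it needs a second, remount call. In a
         * user namespace that remount must keep any nosuid/nodev/noexec the host locked
         * on the source mount, or the kernel refuses it with EPERM. */
        if (mount(NULL, buf, NULL, MS_BIND | MS_REMOUNT | MS_RDONLY | MS_NOSUID | MS_NODEV, NULL) != 0) return -1;
    }
    /* pivot_root(".", ".") leaves the old root stacked under the new one; detach it. */
    if (chdir(root) != 0 || syscall(SYS_pivot_root, ".", ".") != 0) return -1;
    if (umount2(".", MNT_DETACH) != 0 || chdir("/") != 0) return -1;
    return 0;
}

int main(void)
{
    /* Constructed whitelist: enough to exec /bin/ls on a glibc system, plus /dev/null. */
    static const char *const allow[] = { "/usr", "/bin", "/lib", "/lib64", "/dev/null" };
    pid_t pid = fork();
    if (pid == 0) {
        if (sandbox_enter("/tmp", allow, sizeof allow / sizeof allow[0]) != 0) { perror("sandbox_enter"); _exit(1); }
        execl("/bin/ls", "ls", "-la", "/", (char *)NULL);   /* only the whitelisted entries are visible */
        perror("execl");
        _exit(1);
    }
    int status;
    if (waitpid(pid, &status, 0) < 0) return 1;
    return WIFEXITED(status) ? WEXITSTATUS(status) : 1;
}
```

Run it as an ordinary user: the child lists `/` from inside the sandbox and sees nothing but the whitelisted entries. `/lib64` is in the list because that is where the dynamic loader lives on amd64 glibc systems; on a host without it the example refuses to start rather than proceed with a partial whitelist. The read-only remount covers only the top of each bind; submounts that `MS_REC` carries along keep their own flags.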