by sdkmvx 3715 days ago
From the manpage:

> exec: Allows a process to call execve(2). Coupled with the proc promise, this allows a process to fork and execute another program. The new program starts running without pledge active and hopefully makes a new pledge().


That's not clear, though. "The new program" it talks about is after running fork and exec, not just exec. It doesn't specify which call resets the pledge.

From the quoted text I'd understand it's the `exec` that resets the pledge.

I installed OpenBSD so I could check this out. tl;dr, you were right.

    $ cat testpledge.c
    #include <unistd.h>
    #include <stdio.h>
    int main()
    {
      pledge("proc exec", NULL);
      execl("/bin/echo", "echo", "asdf", NULL);
      _exit(0);
    }
    $ cc testpledge.c
    $ ./a.out
    asdf

After fork, the original program is still running. The text specifically refers to the proc promise, which allows fork. It may be tersely formulated, but I really don't see how you could interpret this text otherwise.