
Only goes down, not up ;)
Interesting development, leave it up to OpenBSD to come up with specific ideas to further secure the whole lot. Oh, and in case you're thinking what I was thinking when I first read this: pledge() can be called multiple times but only to reduce further abilities, not to regain them. Just found out about this myself in the pledge() manual page.
Now.. I'm an administrator, not so much a programmer, but I can't help draw some parallels with SELinux, even if that comparison doesn't really cover it. But... There is a routine in the kernel to secure things and the userland programs will need to support those routines in order to work with it. With that in mind, whilst knowing that I might make an unfair comparison, but I have to admit that this system appeals a lot more to me and I think it also has much more potential.
Here's the thing: security isn't only about covering all your bases. It's also about accessibility: not making it too hard for people to use. Because it you make things too complicated and too hard then chances are very high that several people will bypass or ignore it. And so here we are: one simple function call is enough to start using this routine, which I think makes it very accessible. And with that quite secure.
I really hope that we'll eventually see this popping up in FreeBSD as well.