unveil(2)

General usage notes:

From @florian@bsd.network: Without pledge, unveil(2) needs 2 calls to block anything. Pledge(2) can stop unveil(2) though because you don’t pledge unveil.

unveil("somefile", "r");
unveil(NULL,NULL);

From @holsta@bsd.network: Calling pledge(2) without the filesystem pledges prevents all access without unveil(2).