Jesus christ, once again, the point is it doesn't matter. There is nothing in place if someone does. Good security is preparing for different possibilities, not just hoping one never happens because it seems unlikely.
You're just proving what I said above 100% correct, that the OBSD approach is to just really hope that no one ever gets remote root.
Tell you what, getting root on a properly configured MAC system is 100% impossible, so I'll choose that over a system where the developers just really really hope something bad won't happen every day of the week.
I honestly can't even imagine putting all my faith in pledge and chroot like you do. It genuinely boggles my mind that you think this is a good approach.
The only way a program can interact with the system is through system calls. Can you explain why irreversibly taking away a program's permissions to do anything interesting, especially as root, is a bad approach?
You're just proving what I said above 100% correct, that the OBSD approach is to just really hope that no one ever gets remote root.
Tell you what, getting root on a properly configured MAC system is 100% impossible, so I'll choose that over a system where the developers just really really hope something bad won't happen every day of the week.