From:
Stuart Henderson <stu@spacehopper.org>
Subject:
Re: Move the ssh-agent socket from /tmp to $HOME/.ssh/
To:
"H. Hartzer" <h@hartzer.sh>
Cc:
tech@openbsd.org
Date:
Wed, 30 Apr 2025 09:42:45 +0100

On 2025/04/29 18:05, H. Hartzer wrote:
> Theo de Raadt wrote:
> > Are we missing a pledge behaviour that would block opening of
> > AF_UNIX sockets?
> >
> > Or is gaining access to other AF_UNIX sockets the main reason why
> > the browsers are accessing /tmp?
> >
> > And of course, the problem with such a pledge is that it would affect
> > everywhere in the filesystem.  But maybe there is some restriction we can
> > impose which blocks this.
>
> I was curious about this and tried adjusting unveil settings for /tmp.
> Sure enough, Firefox won't start.

You could try setting TMPDIR and see if enough of Firefox and associated
libraries honour that to be usable.

> Of course if Firefox could play nicely and just store cache in say
> ~/.cache/firefox, that would be easier than either of these ideas.

cache *is* stored under ~.