The current process is forced into a restricted-service operating mode. A few subsets are available, roughly described as computation, memory management, read-write operations on file descriptors, opening of files, networking. In general, these modes were selected by studying the operation of many programs using libc and other such interfaces, and setting promises or execpromises.

A process which attempts a restricted operation is killed with an uncatchable SIGABRT.

More information is available in the OpenBSD man pages.

To restrict a process:

Process.pledge(:stdio, :rpath, :wpath, :flock)
Process.pledge(["stdio", "rpath"], ["/some/exec/promise"])

To completely restrict a process:

Process.pledge()

ditto