Switch default to read-only, add -w for write access (previous default)
Write access seems less often required these days and other ways to ensure
effective read-only access are mere workarounds; worst case malicious users
can fill up the server's disk by writing to existing files.
diskless(8) only ever needs to read and running with "stdio rpath dns inet"
by default is much safer for a network daemon without any authentication.
Initially proposed as a new -R flag for read-only mode
new default suggestion dlg deraadt
"looks great" millert
OK sthen dlg
projects / openbsd / commit