diff --git a/src/fop.rs b/src/fop.rs
index a58f759..974c5bb 100644
--- a/src/fop.rs
+++ b/src/fop.rs
@@ -32,7 +32,8 @@ use sysexits::{ EX_DATAERR, EX_IOERR, EX_UNAVAILABLE, EX_USAGE };
 
 #[cfg(target_os="openbsd")] use sysexits::EX_OSERR;
 #[cfg(target_os="openbsd")] extern crate openbsd;
-#[cfg(target_os="openbsd")] use openbsd::{ Promises, pledge };
+#[cfg(target_os="openbsd")]
+use openbsd::{ Promises, pledge, unveil };
 
 fn err(argv0: &String, e: Error) {
 	eprintln!("{}: {}", argv0, e.strerror());
@@ -49,11 +50,16 @@ fn main() -> ExitCode {
 	let mut optind = 1;
 
 	#[cfg(target_os="openbsd")] {
-		let promises = Promises::new("stdio proc exec");
+		let promises = Promises::new("exec proc stdio unveil");
 		if let Err(e) = pledge(Some(promises), None) {
 			err(&argv[0], e);
 			return ExitCode::from(EX_OSERR);
 		}
+
+		if let Err(e) = unveil(None, None) {
+			err(&argv[0], e);
+			return ExitCode::from(EX_OSERR);
+		}
 	}
 
 	while let Some(opt) = argv.getopt("d:") {