Nekobit (neko@posting.lolicon.rocks)'s status on Tuesday, 28-Nov-2023 07:14:46 JST Nekobit
@FrailLeaf Unveil -- Restricts filesystem access. This is why Chromium / Firefox only shows "~/Downloads" in your filesystem. You can edit the files in /etc/chromium/ or whatever and basically "allow" certain directories. In Linux you have stuff like Flatpak which sort of does this but that's its own disaster; there are other tools but Flatpak is more popular.
Pledge -- Restricts syscall (functions) access, i.e. networking, file writing, stdio text stuff. You don't need to know this really but it's done to minimize exploitation of software. On Linux you also have Flatpak but again... those are like fancy containers.
Both are C syscalls (and are documented as such) so I guess it looks confusing, but these are 2 OpenBSD security functions that are discussed often. I think the openbsd.org site describes this stuff much easier in the innovations page.
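An added example, not part of Nekobit's post and not code from OpenBSD or any browser: a child process unveils one directory read-only, locks the list, pledges `stdio rpath`, and then reports whether a given path can still be opened. The function names, result codes and the `/tmp` and `/etc/passwd` sample paths are assumptions chosen for illustration; on systems other than OpenBSD the code builds but only reports `UNSUPPORTED`.

```c
#include <fcntl.h>
#include <stdio.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <unistd.h>

/* Result codes (hypothetical names used only in this example). */
enum { DENIED = 0, ALLOWED = 1, SETUP_FAILED = 2, UNSUPPORTED = 3 };

/* 1 when built on OpenBSD, where pledge(2) and unveil(2) exist. */
int sandbox_supported(void)
{
#ifdef __OpenBSD__
    return 1;
#else
    return 0;
#endif
}

/* Runs in the child: restrict the process, then try to open `probe`. */
static int sandboxed_open(const char *visible_dir, const char *probe)
{
#ifdef __OpenBSD__
    /* The first unveil() hides every path that is not listed. */
    if (unveil(visible_dir, "r") == -1) return SETUP_FAILED;
    /* Lock the list so later code cannot unveil anything else. */
    if (unveil(NULL, NULL) == -1) return SETUP_FAILED;
    /* Keep only basic I/O and read-only path syscalls; a call outside
     * these promises gets the process killed by the kernel. */
    if (pledge("stdio rpath", NULL) == -1) return SETUP_FAILED;
    int fd = open(probe, O_RDONLY);
    if (fd == -1) return DENIED;   /* hidden paths fail as if missing */
    close(fd);
    return ALLOWED;
#else
    (void)visible_dir; (void)probe;
    return UNSUPPORTED;
#endif
}

/* The restrictions cannot be undone, so apply them in a forked child. */
int probe_in_sandbox(const char *visible_dir, const char *probe)
{
    int status;
    pid_t pid = fork();
    if (pid == -1) return SETUP_FAILED;
    if (pid == 0) _exit(sandboxed_open(visible_dir, probe));
    if (waitpid(pid, &status, 0) == -1 || !WIFEXITED(status))
        return SETUP_FAILED;       /* e.g. killed for a pledge violation */
    return WEXITSTATUS(status);
}
```

On OpenBSD, `probe_in_sandbox("/tmp", "/etc/passwd")` returns `DENIED` while `probe_in_sandbox("/tmp", "/tmp")` returns `ALLOWED`.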