Uncovered apm(4) ioctl(2) prevents pledge(2) usage;  unveil(2) to
- prevent execution
- limit write to /var/run/dbus/ and /var/db/upower/
- limit create/delete to /var/db/upower/

Index: src/up-main.c
--- src/up-main.c.orig
+++ src/up-main.c
@@ -22,6 +22,7 @@
 
 #include "config.h"
 
+#include <err.h>
 #include <string.h>
 #include <signal.h>
 #include <sys/types.h>
@@ -183,6 +184,15 @@ main (gint argc, gchar **argv)
 	UpState *state;
 	GBusNameOwnerFlags bus_flags;
 	gboolean replace = FALSE;
+
+	if (unveil("/", "r") == -1)
+		err(1, "unveil /");
+	if (unveil("/var/run/dbus", "rw") == -1)
+		err(1, "unveil /var/run/dbus");
+	if (unveil("/var/db/upower", "rwc") == -1)
+		err(1, "unveil /var/db/upower");
+	if (unveil(NULL, NULL) == -1)
+		err(1, "unveil NULL");
 
 	const GOptionEntry options[] = {
 		{ "timed-exit", '\0', 0, G_OPTION_ARG_NONE, &timed_exit,
