truncateat(2) doesn't have a flags parameter
The truncateat(2) system call, a Sortix invention, does not have a flags parameter. That means it doesn't have
AT_SYMLINK_NOFOLLOW, which means that the code can't make sure the path is not a symbolic link, causing an unintended file to get truncated instead. This would be a problem e.g. in a privileged daemon. The alternative way is to to open(2) the path, possibly using
O_NOFOLLOW or checking for a symbolic link afterwards with
fstat, and then using
ftruncate. Generally it's been a good thing that the *at system calls have a flags parameter, so we might as well want to add it.
This will be an incompatible ABI change. Nothing is using truncateat(2) right now (though scan the ports), except the truncate(2) system call, so another parameter can't easily be added.