Hacker News
by veunes 141 days ago
The zeroize after exec feature sounds good, but what is the threat model in an agent context? If the agent can run printenv in the first millisecond and exfiltrate it (if net is allowed), zeroizing won't help.

It seems egress filtering (allowlists) is more critical for agents than memory protection. If I allow an agent to run npm install, I'm opening a network Pandora's box, and Landlock (until ABI v4) offers pretty limited control there.