Y
Hacker News
new
|
ask
|
show
|
jobs
by
RandomGerm4n
113 days ago
This is precisely why tools such as Copilot CLI, Claude Code, OpenCode, etc. are best used within a VM or a rootless Podman container.
1 comments
bigstrat2003
112 days ago
No, this is precisely why such tools are best unused at all. It is foolish in the extreme to give an LLM access to your system.
link
RandomGerm4n
112 days ago
But it's not my system it's just a container that I can delete. If you already have the image it takes less than a second to deploy them. Podman is rootless, which makes it almost impossible for anything to escape from the container.
link