|
|
|
|
|
|
by ethbr1
91 days ago
|
|
|
That's punting the problem in the same way SELinux did. Agent loops are useful precisely because they're zero config. Problem: I want to accomplish work securely. Solution: Put granular permission controls at every interface. New problem: Defining each rule at all those boundaries. There's a reason zero trust style approaches won out in general purpose systems: it turns out defining a perfect set of secure permissions for an undefined future task is impossible to do efficiently. |
|
|