|
|
|
|
|
|
by mirashii
55 days ago
|
|
|
How about the boy who called nonsense security vulnerabilities. This is the same author who posts with incredulity that the ability to change a config file with a shell command in it gives you the ability to run the shell command you posted and wants it treated as some big CVE. Absolutely inconceivable that you might already have your harness in a sandbox where this is okay, and inconceivable that anyone might have a threat model that says that someone who can edit configuration of a tool can make that tool do arbitrary things allowed by its config. https://www.flyingpenguin.com/ox-security-report-anthropic-m... |
|
|
I'm sure the hyper-paranoid cybersecurity researchers are all about ensuring well-behaved model stays well behaved.