|
|
|
|
|
|
by dns_snek
26 days ago
|
|
|
Agents should make better use of OS sandboxing facilities with finer-grained ACLs. Less: Do you want to run "npm run build"? More: "npm run build" tried to read your Chrome cookie database, do you want to allow that? Some agents like Codex use sandboxing on Linux/MacOS but the permissions are far too coarse - they'll run the command in a relatively strict sandbox and when it fails they'll ask you to allowlist the command as a whole, forever. There should be a new permission prompt every time a command tries to do something new. Claude suggests (or used to suggest - it's been a while) to allowlist "bash" which completely defeats the point. If you do that the agent can run `bash -c "echo literally anything"` |
|
|