10 points by drewgregory 3 hours ago | 7 comments
  • hbogert 19 minutes ago
    > I really thought `eval` would not be abused on non validated input

        - your colleague, or you 1 year before.
  • zufallsheld 2 hours ago
    Same thing for allowing specific sudo-commands. Many tools (like vim or the tools mentioned in the article) would have the same problem when allowing them to be run with root privileges.
  • eqvinox an hour ago
    everything is a container these days, and yet somehow collective-we don't manage to have AI agents run in a container layer on top of our current work, so we can later commit or rollback?
  • pimlottc 2 hours ago
    I know they’re just being thorough but the “go test” part is a bit “Pray, Mr Babbage”… Test code is just code. I know of no language where tests are sandboxed in any meaningful way.
  • schneems 24 minutes ago
    "Welcome to 'Whose Turing Machine Is It Anyway?', the show where halting is made up and the permissions don't matter"
  • sadnboxx 2 hours ago
    Allowing a "command" (executable, I believe) that isn't a read-only absolute path is a fool's errand. I will modify PATH and run my own implementation of it.
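
An added example, not part of the comment above or of the linked article: a minimal Python check contrasting an allowlist keyed on the command name with one pinned to an absolute, read-only path. The command name `mytool`, the function names and the policy shape are assumptions made for illustration.

```python
import os, stat, tempfile

def resolve(name, env_path):
    """First executable match in PATH order, using the caller-controlled PATH."""
    for d in env_path.split(os.pathsep):
        cand = os.path.join(d, name)
        if os.path.isfile(cand) and os.stat(cand).st_mode & 0o111:
            return os.path.realpath(cand)
    return None

def is_read_only(path):
    """No group/world write bit on the file or its directory (ancestors are
    not walked here). Assumes the agent is not the owner of these paths."""
    for p in (path, os.path.dirname(path)):
        if os.stat(p).st_mode & (stat.S_IWGRP | stat.S_IWOTH):
            return False
    return True

def allowed_by_name(name, allowed_names):
    """Weak rule: any executable that happens to be called `name` passes."""
    return name in allowed_names

def allowed_by_pinned_path(name, env_path, pinned):
    """Strict rule: `name` must resolve to its pinned absolute, read-only path."""
    want, got = pinned.get(name), resolve(name, env_path)
    if not want or not got or not os.path.isabs(want):
        return False
    return got == os.path.realpath(want) and is_read_only(got)

def build_demo(root):
    """Constructed sample: a trusted tool and a same-named stand-in elsewhere."""
    paths = {}
    for d in ("trusted", "shim"):
        os.mkdir(os.path.join(root, d))
        os.chmod(os.path.join(root, d), 0o755)
        exe = os.path.join(root, d, "mytool")  # hypothetical command name
        with open(exe, "w") as f:
            f.write("#!/bin/sh\necho %s\n" % d)
        os.chmod(exe, 0o755)
        paths[d] = exe
    return paths

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as root:
        p = build_demo(root)
        pinned = {"mytool": p["trusted"]}
        clean = os.path.dirname(p["trusted"])
        altered = os.path.dirname(p["shim"]) + os.pathsep + clean
        print(allowed_by_name("mytool", {"mytool"}))  # name rule cannot see PATH
        print(allowed_by_pinned_path("mytool", clean, pinned))
        print(allowed_by_pinned_path("mytool", altered, pinned))
```

The name-based rule gives the same answer for both PATH values, while the pinned rule rejects the altered PATH and also rejects the pinned file once it becomes group- or world-writable.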
  • teddyh 2 hours ago
    “…with Claude Code”
    • extraduder_ire an hour ago
      The same caveats would apply to most kinds of restricted shell environments.
    • adastra22 2 hours ago
      Are there any agent permission systems that do this correctly?