Comment by donkeylazy456

1 month ago

Write permission is needed to let AI yank-put frankenstein-ed codes for "vibe coding".

But I think it needs to be written in sandbox first, then it should acquire user interaction asking agreement before writes whatever on physical device.

I can't believe people let AI model do it without any buffer zone. At least write permission should be limited to current workspace.

7 comments

donkeylazy456

Reply
lifthrasiir  1 month ago

I think this is especially problematic for Windows, where a simple and effective lightweight sandboxing solution is absent AFAIK. Docker-based sandboxing is possible but very cumbersome and alien even to Windows-based developers.

  • jrjfjgkrj  1 month ago

    Windows Sandbox is built in, lightweight, but not easy to use programmatically (like an SSH into a VM)

    • lifthrasiir  1 month ago

      WSB is great by its own, but is relatively heavyweight compared to other OSes (namespaces in Linux, Seatbelt in macOS).

  • donkeylazy456  1 month ago

    I don't like that we need to handle docker(container) ourselves for sandboxing such a light task load. The app should provide itself.

    • bossyTeacher  1 month ago

      >The app should provide itself.

      The whole point of the container is trust. You can't delegate that unfortunately, ultimately, you need to be in control which is why the current crop of AI is so limited

      1 reply →