There's an infinite amount of ways to delete a file. Deny listing commands doesn't work.
python3 -c "import os; os.unlink('~/.bashrc')"
Choose whitelisting over blacklisting, like making your own tools that you give to it, and allow nothing else.
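An added example, not code from any commenter: a sketch comparing a deny-list gate with an allow-list gate over commands an agent might propose, including the one-liner and the mv command quoted in this thread. The program lists, the metacharacter set and the function names are assumptions chosen for illustration.

```python
import shlex

# Constructed sample commands an agent might propose; the second and third
# are taken from the thread, the rest are made up for this example.
SAMPLES = [
    "rm ~/.bashrc",
    "python3 -c \"import os; os.unlink('~/.bashrc')\"",
    "mv ~/. /dev/null",
    "git status",
    "git status; rm ~/.bashrc",
    "ls -la src",
]

DENYLIST = {"rm", "rmdir", "shred"}  # hypothetical blocked programs

# Hypothetical allowlist: program -> permitted subcommands
# (None = any arguments that pass the path check below).
ALLOWLIST = {"git": {"status", "diff", "log"}, "ls": None}
SHELL_META = set(";|&$`><(){}\n\\*?~")

def denylist_allows(cmd: str) -> bool:
    """Deny-listing: allow unless the first word is a known-bad program."""
    words = cmd.split()
    return bool(words) and words[0] not in DENYLIST

def allowlist_allows(cmd: str) -> bool:
    """Allow-listing: reject by default, permit only known-safe shapes."""
    if SHELL_META & set(cmd):  # no chaining, expansion or redirection
        return False
    try:
        argv = shlex.split(cmd)
    except ValueError:  # unbalanced quotes
        return False
    if not argv or argv[0] not in ALLOWLIST:
        return False
    subcommands = ALLOWLIST[argv[0]]
    if subcommands is not None:
        # Exactly one known subcommand, no extra flags.
        return len(argv) == 2 and argv[1] in subcommands
    # Path arguments must be relative and must not climb out with "..".
    return all(not a.startswith("/") and ".." not in a.split("/") for a in argv[1:])

def compare(samples=SAMPLES):
    return [(c, denylist_allows(c), allowlist_allows(c)) for c in samples]

if __name__ == "__main__":
    for cmd, deny_ok, allow_ok in compare():
        print(f"denylist={'allow' if deny_ok else 'block'}  "
              f"allowlist={'allow' if allow_ok else 'block'}  {cmd}")
```

The deny-list gate stops only the literal rm; every other way of reaching the same file passes it, while the allow-list gate rejects anything it does not recognise.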
Let us know when your allowlist is done.
Choose racially neutral terminology…
allowlist and denylist (or blocklist)
Of course there are many ways but LLMs don't use them. They use standard commands and you will get a confirmation prompt in the terminal where you can deny and you are thrown back into prompting.
They do get really creative to achieve their goals. Claude Code routinely uses these kinds of one-liners.
I have no idea if this is possible: mv ~/* /dev/null
Try that one instead:
mv ~/. /dev/null
Better.
Extra points if you achieve that one also:
mv /. /dev/null
Slashdot aficionados might object to that last one, though.
Speaking of Slashdot, some fairly frequent poster back around 2001/2002 had a signature that was something like
mv /bin/laden /dev/null
and then someone explained how that was broken: even if that succeeds, what you've done is to replace the device file /dev/null with the regular file that was previously at /bin/laden, and then whenever other things redirect their output to /dev/null they'll be overwriting this random file rather than having output be discarded immediately, which is moderately bad.
Your version will just fail (even assuming root) because mv won't let you replace a file with a directory.
Hmm... Let me go run it real quick without checking what it does.
EDIT: OH MY GOD
Har har, I meant within the permission framework of the bots people unleash on their personal computers.
I assume yes.