Comment by clbrmbr
1 day ago
I have been running two or three Claude’s bare metal with dangerously skip permissions all day every day for two months now. It’s absolutely liberating.
1 day ago
I have been running two or three Claude’s bare metal with dangerously skip permissions all day every day for two months now. It’s absolutely liberating.
Until it decides to delete your home directory:https://old.reddit.com/r/ClaudeAI/comments/1pgxckk/claude_cl...
You're not running it on a filesystem that takes snapshots and is easily reversible?
Many moons ago, I accidentally rm -rf'd the wrong directory with all my code inside poof, gone. I still had PyCharm open, I checked its built-in version tracker and lo and behold, my code as it was before I rm -rf'ed up my code. I believe Claude has ways to undo file changes, but something like rm is just outside of its scope.
All 1 of them?
2 replies →
This could be avoided by aliasing rm to something else that stops you from deleting stupid things like your entire home directory / partition root.
What if the LLM detects this, and chooses to run /bin/rm directly? Or worse, writes a program that calls unlink.
5 replies →
You can use the /hookify plugin to add hooks for preventing dangerous commands like this.
https://github.com/anthropics/claude-code/tree/main/plugins/...
So it's basically adding "don't delete my files pretty please" to the prompt?
EDIT: I misread, the natural language description of the rule is just a shortcut to generate the actual rule which is based on regexp patterns.
Still, it only protects you against very specific commands. Won't help you if the LLM decides to fill your disk with `cat /dev/urandom > foo` for example.
1 reply →
Is it worth the risk? For me yes. Today Claude decided to checkout a git commit from yesterday and all local unstaged changed were lost. Annoying mistake. Lost 6 hours of work I think. Nevertheless I still prefer giving all access to Claude. Also root. It can do everything.
same, it's made a couple of damaging mistakes but so far it has a better track record than me in terms of fat-fingering `rm` commands or what have you
I am sure that someday I will do something fat-fingered myself as well, but I have not in many years now. Are you saying that you make "damaging mistakes" relatively often?
And that's as a dev. Then we expect uses to know better than e.g. to trust links to .sh style installers some FOSS suggests...
> Then we expect uses to know better than e.g. to trust links to .sh style installers some FOSS suggests...
I don't know anyone that inspects every binary yet we apparently we should not trust shell scripts?
I know many who only use binaries from trusted sources, that do monitoring, provide certificates and checksums, and so on - and run them in an OS sandbox too when they install them.
So there's that
I have been driving without seat belt for two month now. It’s absolutely liberating.
I have been skydiving without a parachute for 23 seconds now. It's absolutely liberating.