Comment by crossroadsguy

13 hours ago

I am just shocked to see people are letting these tools run freely even on their personal computers without hardening the access and execution range.

I wish there was something like Lulu for file system access for an app/tool installed on a mac where I could set “/path” and that tool could access only that folder or its children and nothing else, if it tried I would get a popup. (Without relying on the tool’s (e.g. Claude’s) pinky promise.

2 comments

crossroadsguy

Reply
codethief  1 hour ago

So like… a container or a VM?

> if it tried I would get a popup

Ok, that's not implemented yet but using a custom FUSE-based file system (or using something like Armin Rohnacher's new sandboxing solution[0]) it shouldn't be too hard. I bet you could ask Claude to write that. :)

[0]: https://github.com/earendil-works/gondolin

mickael-kerjean  7 hours ago

That's one of the features of Filestash (Disclaimer: I made it). You connect whatever storage, give it the authorisation you want (eg: ls, cat, mkdir, rm, mv, save), and through the SFTP gateway you can mount in your FS and get full auditability, with the audit trail being tamper proof, traceable, timestamped and non-repudiable

  link:
  https://www.filestash.app/ 
  https://github.com/mickael-kerjean/filestash