← Back to context

Comment by crossroadsguy

10 hours ago

I am just shocked to see people are letting these tools run freely even on their personal computers without hardening the access and execution range.

I wish there was something like Lulu for file system access for an app/tool installed on a mac where I could set “/path” and that tool could access only that folder or its children and nothing else, if it tried I would get a popup. (Without relying on the tool’s (e.g. Claude’s) pinky promise.

1 comment

crossroadsguy

Reply
mickael-kerjean  4 hours ago

That's one of the features of Filestash (Disclaimer: I made it). You connect whatever storage, give it the authorisation you want (eg: ls, cat, mkdir, rm, mv, save), and through the SFTP gateway you can mount in your FS and get full auditability, with the audit trail being tamper proof, traceable, timestamped and non-repudiable

  link:
  https://www.filestash.app/ 
  https://github.com/mickael-kerjean/filestash