Comment by aborsy
2 days ago
What is the best way to sandbox LLMs and packages in general, while being able to work on data from outside sandbox (get data in and out easily)?
There is also the need for data sanitation, because the attacker could distribute compromised files through user’s data which will later be run and compromise the host.
I wrote this[1] for myself last year. It only gives access to the current directory (and a few others - see README). So, it drastically reduces the attack surface of running third-party Python/Go/Rust/Haskell/JS code on your machine.
1 - https://github.com/ashishb/amazing-sandbox
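An added illustration of the "only the current directory is visible" approach and of the get-data-in-and-out half of aborsy's question; this is example code written here, not code from amazing-sandbox or from anyone in the thread. It builds a `docker run` argv that bind-mounts a single host directory with network, writable root filesystem and capabilities removed, and then copies results back to the host only after confirming each path really resolves inside the sandbox directory (a planted symlink or `..` component is refused). The image name, the `confined_path` helper and the constructed temp-directory scenario are this example's assumptions.

```python
"""Added example: directory-confined sandbox launcher plus a guarded copy-out.

Not from the thread or from amazing-sandbox. Assumptions: docker is the
container runtime, the image name is a placeholder, and `confined_path`
is a helper invented here.
"""
import os
import shutil
import tempfile
from pathlib import Path

ASSUMED_IMAGE = "python:3.12-slim"  # placeholder; substitute your own image


class UnsafePathError(ValueError):
    """Raised when a result path would reach outside the sandbox directory."""


def build_sandbox_argv(workdir, command, image=ASSUMED_IMAGE):
    """Return a docker argv exposing only `workdir` (as /work) to `command`."""
    host_dir = str(Path(workdir).resolve())
    uid = getattr(os, "getuid", lambda: 1000)()
    gid = getattr(os, "getgid", lambda: 1000)()
    return [
        "docker", "run", "--rm",
        "--network", "none",                  # no callbacks or exfiltration
        "--read-only",                        # image filesystem is immutable
        "--cap-drop", "ALL",
        "--security-opt", "no-new-privileges",
        "--pids-limit", "256",
        "--memory", "1g",
        "--user", f"{uid}:{gid}",             # not root inside the container
        "-v", f"{host_dir}:/work:rw",         # the only host path that is visible
        "-w", "/work",
        image, *command,
    ]


def confined_path(root, relative):
    """Resolve `relative` beneath `root`, rejecting anything that escapes it."""
    rel = Path(relative)
    if rel.is_absolute() or ".." in rel.parts:
        raise UnsafePathError(f"absolute or parent-relative path refused: {relative}")
    root = Path(root).resolve()
    candidate = root / rel
    # Refuse symlinks at every component below root, not just the last one:
    # untrusted code in the sandbox can plant them to point at host files.
    for part in [candidate, *candidate.parents]:
        if part == root:
            break
        if part.is_symlink():
            raise UnsafePathError(f"symlink in result path refused: {part}")
    resolved = candidate.resolve()
    if resolved != root and root not in resolved.parents:
        raise UnsafePathError(f"path escapes sandbox directory: {relative}")
    return resolved


def export_results(sandbox_dir, dest_dir, names):
    """Copy named result files out of the sandbox directory; returns copied paths."""
    dest = Path(dest_dir)
    dest.mkdir(parents=True, exist_ok=True)
    copied = []
    for name in names:
        src = confined_path(sandbox_dir, name)
        if not src.is_file():
            raise UnsafePathError(f"not a regular file: {name}")
        target = dest / Path(name).name
        shutil.copyfile(src, target)
        copied.append(target)
    return copied


def demo():
    """Constructed scenario: one legitimate result next to three planted escapes."""
    with tempfile.TemporaryDirectory() as tmp:
        sandbox = Path(tmp) / "work"
        sandbox.mkdir()
        (sandbox / "result.txt").write_text("ok\n")
        host_secret = Path(tmp) / "host-secret.txt"   # stands in for a host file
        host_secret.write_text("do not leak\n")
        (sandbox / "planted").symlink_to(host_secret)  # left behind by untrusted code
        out = Path(tmp) / "out"
        outcome = {"legit": export_results(sandbox, out, ["result.txt"])[0].read_text()}
        for label, bad in [("symlink", "planted"),
                           ("dotdot", "../host-secret.txt"),
                           ("absolute", str(host_secret))]:
            try:
                export_results(sandbox, out, [bad])
                outcome[label] = "copied"
            except UnsafePathError:
                outcome[label] = "rejected"
        return outcome


if __name__ == "__main__":
    print(" ".join(build_sandbox_argv(".", ["python", "untrusted.py"])))
    print(demo())
```

Inputs go in by placing them in the mounted directory before launch; outputs come back through `export_results`, which is the one place that touches host paths on the way out, so the confinement check cannot be skipped by whatever ran inside.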
Just wrote up a quick article on how greywall[0] prevents this attack:
https://greyhaven.co/insights/how-greywall-prevents-every-st...
[0] https://greywall.io/