Comment by cozzyd
1 day ago
Should be named Jia
More seriously, I'm not a heavy agent user, but I just create a user account for the agent with none of my own files or ssh keys or anything like that. Hopefully that's safe enough? I guess the risk is that it figures out a local privilege escalation exploit...
Dunno... with this setup it seems certain that the agent will discover a zero-day to escalate privilges and send your SSH keys to its handlers in N. Korea.
P.S. Everything old is new again <3
Yeah definitely a concern. Probably need a sandbox and separate user for defense in depth.