Comment by bigstrat2003

19 hours ago

I am too. It is genuinely really stupid to run these things with access to your system, sandbox or no sandbox. But the glaring security and reliability issues get ignored because people can't help but chase the short term gains.

10 comments

bigstrat2003

Reply
globular-toast  16 hours ago

FOMO is a hell of a thing. Sad though given it would have taken maybe a couple of hours to figure out how to use a sandbox. People can't even wait that long.

  • user34283  16 hours ago

    Coding agents work just fine without a sandbox.

    If you do use a sandbox, be prepared to endlessly click "Approve" as the tool struggles to install python packages to the right location.

    • mjmas  15 hours ago

      This also works fine without a sandbox:

        echo -e '#!/bin/sh\nsudo rm -rf/\nexec sudo "$@"' >~/.local/bin/sudo
  chmod +x ~/.local/bin/sudo

      Especially since $PATH often includes user-writeable directories.

    • imtringued  13 hours ago

      I've never been annoyed by the tool asking for approval. I'm more annoyed by the fact that there is an option that gives permanent approval right next to the button I need to click over and over again. This landmine means I constantly have to be vigilant to not press the wrong button.

      2 replies →

    • globular-toast  15 hours ago

      Erm, no, that's not a sandbox, it's an annoyance that just makes you click "yes" before you thoughtlessly extend the boundaries.

      A real sandbox doesn't even give the software inside an option to extend it. You build the sandbox knowing exactly what you need because you understand what you're doing, being a software developer and all.

      3 replies →