
Comment by v3ss0n

7 hours ago

How in the world is MCP going to be more secure? It introduces a big surface layer for injection attacks and supply chain attacks.

To be devil’s advocate: if you are just running commands with bash or PowerShell or the like there is no protection. You might have some rules that ban

rm -rf ~

but sandboxing in general is not an easy problem.

  • It is. The issue is all the weird constraints that usually come up with it. Like I want to use my favorite code editor, I want easy copy and paste, or I can’t be bothered setting up a separate user account on my computer.

    On Unix, you can easily create a new user account, switch to it (or ssh or set up VNC), and run the tool there. If users are enough for servers on the internet, they can be for your workstation (unless there’s something like copyfail, but you can make do with a VM then).
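The separate-account setup sketched in the comment above, written out as an added example (not code from anyone in the thread). It assumes a Linux host with sudo configured for the calling user; the account name "agentbox", the path layout and the helper names are hypothetical choices. The untrusted tool gets a copy of one project directory, a scrubbed environment, and no read access to the caller's home, so an injected "rm -rf ~" or a token-stealing dependency only reaches the throwaway account.

```shell
#!/bin/sh
# Added example: run an untrusted tool (an MCP server, an agent's shell
# commands, a build script) under a dedicated unprivileged Unix account
# instead of the caller's own account.
#
# Assumptions: Linux (useradd), sudo for the calling user; the account name
# "agentbox" and the paths below are hypothetical choices.
set -eu

SANDBOX_USER="${SANDBOX_USER:-agentbox}"
SANDBOX_HOME="/home/$SANDBOX_USER"

# Accept only a plain, non-root account name that differs from the caller.
# Running the tool as root or as yourself defeats the point of a sandbox.
sandbox_user_ok() {
  name="$1"
  case "$name" in
    "" | root) return 1 ;;
    *[!a-z0-9_-]*) return 1 ;;
  esac
  [ "$name" != "$(id -un)" ]
}

# Create the account once, and close the caller's home directory so that the
# sandboxed process cannot read SSH keys, API tokens or browser profiles.
create_sandbox_user() {
  if ! id "$SANDBOX_USER" >/dev/null 2>&1; then
    sudo useradd --create-home --shell /bin/sh "$SANDBOX_USER"
  fi
  chmod 700 "$HOME"
}

# Copy the one project the tool may touch into the sandbox account's home and
# hand ownership over (useradd creates a matching group on most distributions);
# the caller's original tree stays untouched.
stage_project() {
  src="$1"
  dest="$SANDBOX_HOME/$(basename "$src")"
  sudo rm -rf "$dest"
  sudo cp -R "$src" "$dest"
  sudo chown -R "$SANDBOX_USER:$SANDBOX_USER" "$dest"
  printf '%s\n' "$dest"
}

# Run the command as the sandbox user from inside the staged copy, with an
# empty environment so no secrets are inherited from the caller's shell.
run_in_sandbox() {
  workdir="$1"; shift
  sudo -u "$SANDBOX_USER" -H -- env -i \
    PATH=/usr/local/bin:/usr/bin:/bin HOME="$SANDBOX_HOME" \
    sh -c 'cd "$1" && shift && exec "$@"' sh "$workdir" "$@"
}

main() {
  sandbox_user_ok "$SANDBOX_USER" || {
    echo "refusing to use account '$SANDBOX_USER'" >&2
    exit 2
  }
  project="$1"; shift
  create_sandbox_user
  staged=$(stage_project "$project")
  run_in_sandbox "$staged" "$@"
}

# Usage: sh sandbox-run.sh ./my-project ./untrusted-tool --flag
if [ "$#" -gt 0 ]; then
  main "$@"
fi
```

The tool sees only the staged copy, so changes worth keeping have to be pulled back out of the sandbox home deliberately; that friction is the trade-off the comment is pointing at, and it is what keeps a bad command from reaching the real checkout or the caller's credentials.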