
> I think that people are just not ready for the sort of novel privilege escalation we are going to see with over-provisioned agents.

I think every single person saw this coming.

> Any recommended best practices people are establishing?

What best practices could there even be besides "put it in a VM"? It's too easy to manipulate.




There are VM escapes so even if you put it in a VM that's no guarantee.

I'd say run it on a separate box but what difference does that make if you feed the same data to them?


If VM escapes were a big problem the cloud would not be a thing.

But on that note that's probably the best place to run these things.



