... which would allow you to load arbitrary code into the kernel, pretty much bypassing any and all security. You might as well not have a password at all. Which, incidentally, can be a valid strategy for isolated external dev boards, or QEMU VMs. But on a machine with stuff you care about? You're basically ripping it open.

▲

5 days ago | parent | next [-]

[deleted]

▲

unethical_ban 5 days ago | parent | prev | next [-]

He was already loading "arbitrary" Claude code, no? I'm suggesting there was a way to skip password entry by narrowly tailoring an exception.

Another thought, IIRC in the plugins for Claude code in my IDE, you can "authorize" actions and have manual intervention without having to leave the tool.

My point is there were ways I think they could have avoided copy/paste.

	▲	anyfoo 5 days ago \| parent [-]
		While I personally would have used a dedicated development target, the workflow he had at least allowed him to have a good look at any and all code changes, before approving with the root password. That is a bit different than allowing unconfirmed loading of arbitrary kernel code without proper authentication.

▲

5 days ago | parent | prev | next [-]

[deleted]

▲

5 days ago | parent | prev [-]

[deleted]