| ▲ | CuriouslyC 11 hours ago | |||||||||||||
Would you let a pro blackhat loose on your system with just a different user account? | ||||||||||||||
| ▲ | athrowaway3z 10 hours ago | parent [-] | |||||||||||||
You'd let the pro blackhat loose in your VM on your own system? No because it's a dumb question and you don't want any stranger inside your home network regardless of firewall. The comparison you get to make is in terms of the _extra_ security this project buys you. Might I remind you of two things: - You're advocating for installing random (?kernel) level software from the internet. That by itself is a real and larger treat than any potentially insecure things my `llm` user _might_ do in the future. - User accounts security was the goto method for security for a long time. Further isolation was developed to accommodate: 'root' access for tenants, and finer resource limits controls. Neither I care to give an LLM. So we only have build in firewall and sandbox duplication as the real feature. For the latter, my experience is that it's useless on a personal device, and slows down building or requires too much cache config. I'm not installing random crap, so i can live with the risk of lan exposure. I'm happy with the maintenance/complexity/threat matrix of useradd. | ||||||||||||||
| ||||||||||||||