parliament32 4 hours ago

Fascinating read. What's curious, though, is the claim in section 2.3.0.1:

> Each task runs in its own sandbox. If an agent crashes, gets stuck, or damages its files, the failure is contained within that sandbox and does not interfere with other tasks on the same machine. ROCK also restricts each sandbox’s network access with per-sandbox policies, limiting the impact of misbehaving or compromised agents.

How could any of the above (probing resources, SSH tunnels, etc) be possible in a sandbox with network egress controls?

robinsonb5 an hour ago | parent | next [-]

The agent obviously knows the Train Man.

jacquesm 4 hours ago | parent | prev [-]

Sandboxes are almost never perfect. There are always ways to smuggle data in or out, which is kind of logical: if they were perfect then there would be no result.

1718627440 2 hours ago | parent [-]

> if they were perfect then there would be no result.

You shut down the sandbox and access the data from the outside.
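To make the thread's disagreement concrete, here is an added example (not code from the paper, from ROCK, or from any commenter) of a toy per-sandbox egress policy evaluator. Rule shapes, CIDRs, ports and the "connection attempts" are all constructed for illustration. It shows why "egress controls" alone do not settle parliament32's question: a lax policy of the kind that is common in practice (any host on 22/443) still lets an agent open an SSH tunnel to an arbitrary destination, while a default-deny allowlist blocks the probing and the tunnel but must still admit something (here DNS to one resolver), which is the residual channel jacquesm is pointing at.

```python
import ipaddress
from dataclasses import dataclass, field


@dataclass(frozen=True)
class Rule:
    """One egress allow rule: destination CIDR, allowed ports (empty = any), protocol."""
    cidr: str
    ports: frozenset = field(default_factory=frozenset)
    proto: str = "tcp"


def allowed(policy, dst_ip, dst_port, proto="tcp"):
    """Default-deny: a connection is permitted only if some rule matches it."""
    ip = ipaddress.ip_address(dst_ip)
    for rule in policy:
        if rule.proto != proto:
            continue
        in_net = ip in ipaddress.ip_network(rule.cidr)
        port_ok = not rule.ports or dst_port in rule.ports
        if in_net and port_ok:
            return True
    return False


# Hypothetical "lax" policy: any destination, as long as it is SSH or HTTPS.
LAX = [Rule("0.0.0.0/0", frozenset({22, 443}))]

# Hypothetical "strict" per-sandbox policy: one artifact host over HTTPS and
# one internal resolver over UDP/53. Addresses are made up for the example.
STRICT = [
    Rule("10.0.5.10/32", frozenset({443})),
    Rule("10.0.0.53/32", frozenset({53}), proto="udp"),
]

# Constructed connection attempts an agent in the sandbox might make.
ATTEMPTS = {
    "fetch-artifact":        ("10.0.5.10", 443, "tcp"),
    "dns-to-resolver":       ("10.0.0.53", 53, "udp"),
    "probe-neighbour-sandbox": ("10.0.5.11", 8080, "tcp"),
    "ssh-tunnel-to-outside": ("203.0.113.7", 22, "tcp"),   # TEST-NET-3 address
    "https-to-outside":      ("203.0.113.7", 443, "tcp"),
}


def evaluate(policy):
    """Map each attempt name to whether the policy lets it through."""
    return {name: allowed(policy, ip, port, proto) for name, (ip, port, proto) in ATTEMPTS.items()}


if __name__ == "__main__":
    for label, policy in (("lax", LAX), ("strict", STRICT)):
        print(label)
        for name, ok in evaluate(policy).items():
            print(f"  {name:26s} {'ALLOW' if ok else 'deny'}")
```

Under LAX the probe of a neighbouring sandbox on port 8080 is denied, but the SSH tunnel and the HTTPS connection to an outside host both pass, and anything can be carried over them. Under STRICT every outbound attempt is denied except the artifact fetch and DNS to the one resolver; that resolver is exactly the kind of remaining hole (DNS tunnelling, or the allowed HTTPS host itself) that makes the "never perfect" claim reasonable without contradicting the paper's description of per-sandbox policies.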