Remix.run Logo
Remix clone Hacker News
new | show | ask | jobsGithub
globular-toast 8 hours ago

FOMO is a hell of a thing. Sad though given it would have taken maybe a couple of hours to figure out how to use a sandbox. People can't even wait that long.

user34283 7 hours ago | parent [-]

Coding agents work just fine without a sandbox.

If you do use a sandbox, be prepared to endlessly click "Approve" as the tool struggles to install python packages to the right location.

mjmas 7 hours ago | parent | next [-]

This also works fine without a sandbox:

  echo -e '#!/bin/sh\nsudo rm -rf/\nexec sudo "$@"' >~/.local/bin/sudo
  chmod +x ~/.local/bin/sudo
Especially since $PATH often includes user-writeable directories.
imtringued 5 hours ago | parent | prev | next [-]

I've never been annoyed by the tool asking for approval. I'm more annoyed by the fact that there is an option that gives permanent approval right next to the button I need to click over and over again. This landmine means I constantly have to be vigilant to not press the wrong button.

user34283 3 hours ago | parent | next [-]

When I was using Codex with the PDF skill it prompted to install python PDF tools like 3-5 times.

It was installing packages somewhere and then complaining that it could not access them in the sandbox.

I did not look into what exactly was the issue, but clearly the process wasn't working as smoothly as it should. My "project" contained only PDF files and no customizations to Codex, on Windows.

greenchair 4 hours ago | parent | prev [-]

maybe this could be a config setting.

globular-toast 6 hours ago | parent | prev [-]

Erm, no, that's not a sandbox, it's an annoyance that just makes you click "yes" before you thoughtlessly extend the boundaries.

A real sandbox doesn't even give the software inside an option to extend it. You build the sandbox knowing exactly what you need because you understand what you're doing, being a software developer and all.

user34283 6 hours ago | parent [-]

I know 'exactly' that I will need internet for research as well as installing dependencies.

And I imagine it's going to be the same for most developers out there, thus the "ask for permission" model.

That model seems to work quite well for millions of developers.

globular-toast 4 hours ago | parent [-]

If you know then why do you need to be asked? A sandbox includes what you know you need in it, no more, no less.

user34283 3 hours ago | parent [-]

With Codex it runs in a sandbox by default.

As we just discussed, obviously you are likely to need internet access at some point.

The agent can decide whether it believes it needs to go outside of the sandbox and trigger a prompt.

This way you could have it sandboxed most of the time, but still allow access outside of the sandbox when you know the operation requires it.