simonw, 4 hours ago:

The problem is that those underlying frameworks can very easily be misconfigured. I need to know that the higher level sandboxing tools were written by people with a deep understanding of the primitives that they are building on, and a very robust approach to testing that their assumptions hold and they don't have any bugs in their layer that affect the security of the overall system. Most people are building on top of Apple's sandbox-exec which is itself almost entirely undocumented!
kjok, 3 hours ago (reply to simonw):

> The problem is that those underlying frameworks can very easily be misconfigured.

Agreed. I'm sure a number of these sandboxing solutions are vibe-coded, which makes your concerns regarding misconfigurations even more relevant.