thomas34298 6 hours ago

Does that version of Codex still read sensitive data on your file system without even asking? Just curious.

https://github.com/openai/codex/issues/2847

ethan_smith 5 hours ago | parent | next [-]

This is a pretty important issue given that the new update adds "computer use" capabilities. If it was already reading sensitive files in the CLI version, giving it full desktop control seems like it needs a much more robust permission model than what they've shown so far.

p_stuart82 3 hours ago | parent | prev | next [-]

the awkward part isn't just about reading sensitive files.

search, listings, direct reads, browser and computer use all sit behind different boundaries.

hard to tell what any given approval actually buys or exposes.

andai 5 hours ago | parent | prev | next [-]

https://www.reddit.com/r/ClaudeAI/comments/1r186gl/my_agent_...

tldr Claude pwned user then berated user's poor security. (Bonus: the automod, who is also Claude, rubbed salt on the wound!)

I think the only sensible way to run this stuff is on a separate machine which does not have sensitive things on it.

baq 5 hours ago | parent [-]

'it's your fault you asked for the most efficient paperclip factory, Dave'

trueno 5 hours ago | parent | prev [-]

ran into this literally yesterday. so I'm gonna assume yes.